This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


Re: [Xen-devel] protecting xen startup

To: Luke Kenneth Casson Leighton <lkcl@xxxxxxxx>
Subject: Re: [Xen-devel] protecting xen startup
From: Mike Wray <mike.wray@xxxxxxxxxx>
Date: Tue, 23 Nov 2004 18:07:28 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx
In-reply-to: <20041123170546.GB6250@xxxxxxxx>
References: <20041123170546.GB6250@xxxxxxxx>

Luke Kenneth Casson Leighton wrote:

> i notice that there's a management interface on port 8000.
>
> i seek to protect this interface such that nothing but a trusted program
> (think selinux) may run, manage, start up or shut down xen oses.
>
> so: where can i find out information about the structure of the
> xen management interface?
>
> is the port 8000 stuff just providing a web server (/etc/init.d/xend)
> front-end to some extra system calls?

What lives behind port 8000 is xend. This is the management daemon for xen.
It presents its interface over HTTP and implements it using low-level calls
into the xen hypervisor via ioctls. There is no system call
interface that corresponds to the xend api.

> is the port 8000 stuff actually running in the xen boot-up stuff?

Xen boots the hypervisor, then domain-0.
Xend runs in domain-0 and is the normal way that all other domains
get started.

> if it's some extra system calls that's very good because it will be
> possible to add selinux security hooks to protect each system call.

You should be able to use selinux rules to specify what gets to talk to xend
at port 8000. You'd need to enable LSM and selinux in the domain-0 kernel, but
otherwise all you should need to do is configure selinux appropriately.



Hope this helps,