Re: [Xen-users] Xen Security

[Simon Hobson <linux@xxxxxxxxxxxxxxxx>]

Jonathan Tripathy wrote:

> Can you please explain to me some of these "side channel attacks"?
At some points, the guest and host are communicating, not to mention 
that for a lot of the time, the guest is using the processor. If 
there is a bug in Xen somewhere, then it's conceivable that the guest 
could exploit this in several ways.
One is simply to subvert the communications between the guest and the 
host - things like buffer overflows, code injection, etc that could 
be used to manipulate the host into doing something that it's not 
supposed to. If a guest can somehow get control of the host then all 
security is out of the windows since the host has "super god" access 
to everything on the machine.
If the guest can somehow subvert the security settings in the 
processor then it could break out of it's virtual processor jail and 
have access to the whole machine. Once again, if that happens, then 
all your security goes out of the window.
Personally I don't think the risks are high, but these are complex 
systems running complex code. Even the "big boys" can get things 
wrong - remember the Pentium floating point bug that slipped through 
all Intel's testing ?
> I've never heard of "storage reuse" before?
You have some storage used for task A. Task A is no longer required 
and you destroy it. You now have a need for Task B and allocate it 
some storage. Unless you fully wipe the space, then the storage 
allocated to Task B may contain data previously used by Task A. This 
isn't Xen specific, the same thing happens if you reuse any storage 
in any form without sanitising it first.
--
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users