WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders

from [Anthony Liguori] [Permanent Link][Original]
To: Jacob Gorm Hansen <jacobg@xxxxxxx>
Subject: Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)
From: Anthony Liguori <anthony@xxxxxxxxxxxxx>
Date: Thu, 03 Feb 2005 21:54:22 -0600
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 04 Feb 2005 03:54:48 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
In-reply-to: <4202EE37.4080707@xxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D1236FB@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <4202EC36.8000103@xxxxxxxxxxxxx> <4202EE37.4080707@xxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (X11/20041206) 
Jacob Gorm Hansen wrote:
I would disagree that the trusted loader is a point of failure. It is not trusted in the sense that we need to trust its code to behave correctly, all we need is to trust it as not being malformed data that can trigger an exploit in the domain builder, and of course it is not, given that it is supplied by you the admin and not by a (potentially hostile) user.
Well, it's not the same as trusting a Domain's filesystem to be proper. But it still requires trusting that there are no exploitable bugs in the software.
Using a lesser-user to create the domain within Domain-0 requires trusting there are no exploitable bugs in the kernel syscall interfaces. 

So, it's a point of failure as much as Linux is.
Anyway, this code is already written for Xen 1.3. You can find it at http://www.diku.dk/~jacobg/self-migration/
Awesome! This is pretty cool stuff. Do you have plans to update for Xen 2.0/Linux 2.6? Kernel-driven migration seems like an appealing topic. 

Regards,


Jacob





--
Anthony Liguori
anthony@xxxxxxxxxxxxx



-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Jacob Gorm Hansen
Next by Date:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Jacob Gorm Hansen
Previous by Thread:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Jacob Gorm Hansen
Next by Thread:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Jacob Gorm Hansen
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy