WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] xend leaks/bugs/etc

from [Hollis Blanchard] [Permanent Link][Original]
To: Anthony Liguori <aliguori@xxxxxxxxxx>
Subject: Re: [Xen-devel] xend leaks/bugs/etc
From: Hollis Blanchard <hollisb@xxxxxxxxxx>
Date: Mon, 18 Apr 2005 11:16:02 -0500
Cc: Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 18 Apr 2005 16:18:21 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4263D624.4040906@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Organization: IBM Linux Technology Center
References: <A95E2296287EAD4EB592B5DEEFCE0E9D1E3BE3@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <1113804011.9189.46.camel@multivac> <1113834723.7086.87.camel@localhost> <4263CF05.2030906@xxxxxxxxxx> <1113838055.7546.6.camel@xxxxxxxxxxxxxxxxxxxxx> <4263D624.4040906@xxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
On Mon, 2005-04-18 at 10:45 -0500, Anthony Liguori wrote:
> Hollis Blanchard wrote:
> 
> >On Mon, 2005-04-18 at 10:15 -0500, Anthony Liguori wrote:
> >  
> >>This is a very big problem.  One very difficult issue to address is
> >>how to deal with very hostile domains that may attempt DoS attacks by 
> >>flooding their own console.
> >
> >This isn't really a xend issue. I'm not sure this *can* be addressed,
> >and I believe other hypervisors have this problem as well.
> >  
> I'm not sure I agree.  Since Xen only provides shared-memory and event 
> channels, the tools control how frequently they look at shared-memory 
> (so a tool can throttle itself).  The only possible DoS venue should be 
> the event channels.  The tools should simply be able to unbind from 
> event channels that are considered hostile.

And how exactly would you distinguish between a hostile domain and a
mission-critical-yet-chatty domain? Or would you indiscriminately drop
console data from all overly talkative domains?

-- 
Hollis Blanchard
IBM Linux Technology Center


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] xend leaks/bugs/etc, Harry Butterworth
Next by Date:  Re: [Xen-devel] Unstableness in grant table block drivers, Christopher Clark
Previous by Thread:  Re: [Xen-devel] xend leaks/bugs/etc, Anthony Liguori
Next by Thread:  Re: [Xen-devel] xend leaks/bugs/etc, Harry Butterworth
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy