WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] Re: What is more secure? HVM or PV ?

from [David Pilger] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Re: What is more secure? HVM or PV ?
From: "David Pilger" <pilger.david@xxxxxxxxx>
Date: Tue, 19 Dec 2006 10:35:01 +0200
Delivery-date: Tue, 19 Dec 2006 00:34:50 -0800
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jSDxxlQhAo9zi+YBTOxA1SyMCDQK9h/K/6CY55tbL780aK7jvb3OydffoZJtylBtdE1TG4eH7CiJsGPsb9ExBmx6oQnf+Dv4VbQQOR5VAmzUx9Dj1iO048v0/uR7UtkpwEWDBNuq3hoWydPRFn4ZkN/Ix4Y4l3tVkjX8XMzMuro=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <280848580612180840k666dde6fmb02a04b69cd75da@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <280848580612180840k666dde6fmb02a04b69cd75da@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
Let me rephrase my question -
What are the attack vectors for each architecture?

For PV it's the Paravirtualization API and hypercalls, and for HVM
it's the VMEXIT Parsing / QEMU states and hypercalls...

Are there other attack vectors that may be used to hack from a domU or
HVM into dom0? can we get an obvious conclusion about which
architechture is more secure? PV or HVM?

Thanks,
David.

On 12/18/06, David Pilger <pilger.david@xxxxxxxxx> wrote:

Hi,

So what's more secure? a HVM or a PV DomU?
Which one of the architectures is more "open" for attacks, if someone
wants to execute code in domain0 ?



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: [patch/rfc] multiprotocol blkback drivers (32-on-64), Gerd Hoffmann
Next by Date:  [Xen-devel] Re: [patch/rfc] multiprotocol blkback drivers (32-on-64), Gerd Hoffmann
Previous by Thread:  [Xen-devel] What is more secure? HVM or PV ?, David Pilger
Next by Thread:  RE: [Xen-devel] Re: What is more secure? HVM or PV ?, Petersson, Mats
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy