WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Regarding Xen security....

To: "Petersson, Mats" <Mats.Petersson@xxxxxxx>
Subject: Re: [Xen-devel] Regarding Xen security....
From: "David Pilger" <pilger.david@xxxxxxxxx>
Date: Mon, 15 Jan 2007 19:05:09 +0200
Cc: Praveen Kushwaha <praveen.kushwaha@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 15 Jan 2007 09:04:41 -0800
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=JDu04tKyeO2PUINAWLc7ce0wFe6Q+BJoaodn0H0ncZz9QwgoWG2nO+UsLkUxVmSuS/ncMfy11m2Iw+HXc1/3btiJdkr89eFYZ/CMaV7MbzE0vfSr0G282EJGdnIGs0mtFwE9hpwvz3KfdtjyOswj+iphn1Hx1H1QjlQeaboev3o=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <907625E08839C4409CE5768403633E0B018E1877@xxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <280848580701150418q46ad0dedtcd250f5f4632914c@xxxxxxxxxxxxxx> <907625E08839C4409CE5768403633E0B018E1877@xxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
On 1/15/07, Petersson, Mats <Mats.Petersson@xxxxxxx> wrote:
The key, however, is that to use any of this, there are two conditions
required:
1. Access to run at Ring 0 - and assuming that this is not so difficult
is probably fair, but it also means that the system isn't really secure
anyways, because as soon as some arbitrary code can run in Ring 0, it's
able to do ANYTHING in the system that it likes [although it may be a
little bit of hard work to actually go from a trivial exploit to
actually gain full control over the system].
2. That there isn't some other use of the SVM/VMX feature in place
already - as of current, neither of these techniques are nestable, so
once some code has gained control of the SVM/VMX feature, anyone else
attempting the same thing will fail in some respect.


Yep. saying that VT-x is unsecure in some manner is exactly like
saying that ring0 is not secure...

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel