WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor

from [Peter Teoh] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor
From: Peter Teoh <htmldeveloper@xxxxxxxxx>
Date: Sun, 02 Sep 2007 15:12:08 +0800
Delivery-date: Thu, 13 Sep 2007 05:27:12 -0700
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:user-agent:mime-version:to:subject:content-type:content-transfer-encoding:from; b=VIJCzapPq3twEzSbwr+igSy97Dm1RvpgMop/5bsqfLWAzzyoFi6J4WRkLvPrIneB3Y0BT3Jhs5EJeejAZt0RWwbwfwCW+4Zl6bdVcNZ2BSdz0IhXzHoUoyxY7xMVPS7V3+XDJvkigJcKLuxxIyo5ZDTNc8lGa4Wqbaw3xeOEJyE=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:user-agent:mime-version:to:subject:content-type:content-transfer-encoding:from; b=PnNtZREsXz4nCheOOT0OVFixNan9JiXkrb2lQNBtkUz3bH5CTeKKf3U06I/g0Ukoj0hlqEoojl44PrQfPXGGq8Hh2QAS7joZpY3dmjsEZsfxZYXKgK+9qfiptgvhruEirlyz+mDqMUVVcm7Df8GPKVZKBY+iQPkQtEWv5eX+2R4=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.12 (X11/20070719)
In some parts of IA64 I can see that domain==dom0 checking is done, but in all x86 - I have yet to find a proper checking that the hypercalls comes from a dom0 domain instead of any other domain.
Theoretically, this means that any domain (PV or HVM) can always modify its own kernel binary and then make a direct hypercall (via int 0x82 or SYSENTER) into the hypervisor, executing domain controller commands like create domain etc.
Is this possible? Access control should be done from the hypervisor side, so any existing dom0 checking (CONFIG_XEN_PRIVILEGED_GUEST compilation option - done from the dom0 side) seems like useless, because another domU can always modify its own kernel binaries to achieve all the features what CONF_XEN_PRIVILEGED_GUEST restrict. 

Am I right?

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: [RFC][Patch] Improvemet the responce of xend., Peter Teoh
Next by Date:  Re: [Xen-devel] Re: Re: 3ware 9650 and Xen 3.1, Robert Valentan
Previous by Thread:  Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Keir Fraser
Next by Thread:  Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Derek Murray
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy