WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] RE: information leaking between domains via granted pages?

To: James Harper <james.harper@xxxxxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] RE: information leaking between domains via granted pages?
From: "Santos, Jose Renato G" <joserenato.santos@xxxxxx>
Date: Tue, 4 Mar 2008 05:51:43 +0000
Accept-language: en-US
Acceptlanguage: en-US
Delivery-date: Mon, 03 Mar 2008 21:53:21 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <AEC6C66638C05B468B556EA548C1A77D013DBE54@trantor>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <AEC6C66638C05B468B556EA548C1A77D013DBE54@trantor>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Ach9qLXF4BxOPME/Qtm5dC52XyjJVwAEJdzA
Thread-topic: information leaking between domains via granted pages?

> -----Original Message-----
> From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> James Harper
> Sent: Monday, March 03, 2008 7:35 PM
> To: xen-devel@xxxxxxxxxxxxxxxxxxx
> Subject: [Xen-devel] information leaking between domains via
> granted pages?
>
> Is there a statement anywhere regarding information that
> could be leaked or modified between domains when pages are granted?
>
> Eg, Dom0 sends a network packet to DomU. The network data
> only uses 64 bytes in the page, but DomU (via a specially
> crafted netfront driver) can access and record all the other
> data in the page...
>

  This is not a problem today as DomU is not granted access to any Dom0 page. 
DomU is the one which grants access to dom0 both for TX and RX.
  On the other hand dom0 can access any data in granted domU pages but this is 
OK as we trust dom0.
  Renato

> James
>
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel
>

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel