WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] Academic Project

To: dinesh chandrasekaran <dinesh_chan8@xxxxxxxxxxx>
Subject: Re: [Xen-devel] Academic Project
From: weiming <zephyr.zhao@xxxxxxxxx>
Date: Mon, 23 Feb 2009 10:44:34 -0500
Cc: xen developers community <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Mon, 23 Feb 2009 07:45:02 -0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=slAQSB4V0vsm24iQ0JSjO9fEOVBqNbQm0IH+QKDlCf0=; b=FHWU1ntti38CCGwryN5/3eD1X+u1AsHmxoClXMj6J6geJyE6o6sBDFrc52/ibAZttM c9brxCn21ln2A3WRLsSPMEPkkAUgHQkFfvlh/xAA71YvTGLHCTf6oDTboYZBcTXwYpxB BZF2f1rcfnDf1wvy0qbuFLx+xQT/HFajAJ+MU=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=oq9GVcQN1odMSTZeEp3z+tPd5iaZSdYqOvg3tW2GoGc5FXRhDB5Nag2jGsXvsMJ6al hRFY4zqzMN+1LTP8q3ND5uT9Gk94N/j6FFPBg7vfRLQBbVFZY1739GMgl4akEeyJWCJs F+pvNaRh1PlqoPqhf/Tsb7A6QKzbug9KLS+es=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <COL107-W681426EB64C2FB40D1CB34B1AE0@xxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <COL107-W30EB1E58A54E15204F3C6FB1B10@xxxxxxx> <D4980157-9DB2-4205-BDA8-756727AD128F@xxxxxxxxx> <COL107-W681426EB64C2FB40D1CB34B1AE0@xxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
I'm curious about the crypto coprocessor. Does it work like a memory controller? So every memory read/write will be encrypted/decrypted by it?

Thanks,
Weiming

On Mon, Feb 23, 2009 at 10:31 AM, dinesh chandrasekaran <dinesh_chan8@xxxxxxxxxxx> wrote:



From: dinesh_chan8@xxxxxxxxxxx
To: michal@xxxxxxxxx
Subject: RE: [Xen-devel] Academic Project
Date: Mon, 23 Feb 2009 00:46:01 +0530

Essentially, first step towards minimizing the trusted computing base.

Assuming the VMM is not compromised (after a secure boot), domU doesnt have to trust dom0.

For example, the following command issued from dom0 would dump the guest memory in dom0 hard disk,
                     xm save Guest guest_mem.dump

Using the crypto coprocessor, this can be encrypted, so that only domU can read/write and not dom0.
The result of the above command will store an encrypted dump file on the dom0 disk.

Thanks,
Dinesh C

From: michal@xxxxxxxxx
To: dinesh_chan8@xxxxxxxxxxx
Subject: Re: [Xen-devel] Academic Project
Date: Sun, 22 Feb 2009 19:31:32 +0100

And what is the purpose of this?
Seems to be trivial to get over it.

Sent from my iPhone

On Feb 22, 2009, at 6:19 PM, dinesh chandrasekaran <dinesh_chan8@xxxxxxxxxxx> wrote:

Hi Folks,
               I'm developing a secure memory manager module for xen as a part of my academic project.
 Thereby protecting DomU memory by moving the trust for memory protection from Dom0 to hardware by encrypting/
 decrypting the guest memory on per-domain-secret key basis and realizing the same using a crypto coprocessor (FPGA)
 with necessary software (XEN) hooks and interfaces.

 Now one of the implementation issues is that how to move the domU memory allocation (both boot pages and application pages) 
 to fall behind the coprocessor by modifying xen source. If so where in the source tree the changes have to be made.

 I did try modifying common/memory.c : populate_physmap(), but I am afraid this is not the right place.
 Since I have allocate real memory to domU, I am clueless.
 
 I would appreciate you If you could send me your valuable suggestions.

Thanks,
Dinesh C


Akshay Kumar takes on the two reigning Bollywood Khans. Catch the action on MSN Entertainment! Check it out!
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


Akshay Kumar takes on the two reigning Bollywood Khans. Catch the action on MSN Entertainment! Check it out!

Get a view of the world through MSN Video. Some things just cannot be left unseen. Try it!

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
<Prev in Thread] Current Thread [Next in Thread>