WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Academic Project

from [Christian Leber] [Permanent Link][Original]
To: dinesh chandrasekaran <dinesh_chan8@xxxxxxxxxxx>
Subject: Re: [Xen-devel] Academic Project
From: Christian Leber <christian@xxxxxxxx>
Date: Wed, 4 Mar 2009 09:45:58 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 04 Mar 2009 00:46:58 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <COL107-W147CA88193483F639D9C2AB1A70@xxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <COL107-W681426EB64C2FB40D1CB34B1AE0@xxxxxxx> <add59a3f0902230744h539dba97qf5b0834b1a9e93b2@xxxxxxxxxxxxxx> <COL107-W662A85A97BE16D6CB54455B1AE0@xxxxxxx> <add59a3f0902230816l42ce6c97l263e5f40a735e56@xxxxxxxxxxxxxx> <COL107-W18AB1966241BA41FB0025FB1AE0@xxxxxxx> <COL107-W60C682B2373EA2830D58E2B1A60@xxxxxxx> <20090303225412.GA26841@core> <COL107-W5516978ABED2A03D11348CB1A70@xxxxxxx> <20090304005536.GA1450@core> <COL107-W147CA88193483F639D9C2AB1A70@xxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.17+20080114 (2008-01-14) 
On Wed, Mar 04, 2009 at 08:25:49AM +0530, dinesh chandrasekaran wrote:

Hi dinesh

>    > That implies the protection hardware is not controlled by the dom0 and
>    > there is another more secure way for the administration of it and second
>    > that the dom0 can't do anything.
> 
>    Absolutely. You are correct.

Ok, so how do you plan to do this and why is this supposed to be more
secure?

>    I guess the domain scheduling is done by the VMM and not by dom0?
>    Through VMM Hooks, the VMM is made to inform the device about the domain
>    scheduled to run.
>    So dom0 cannot claim to be any domU.

I'm not really sure, but i think the dom0 can access the complete system
memory. If not, then it controls at least some hardware that can do DMA
and can this way access all the memory.

-> dom0 can write/read all memory -> it can do anything

>    > furthermore the dom0 should also be able to overwrite the xen kernel.
> 
>    Can you throw some lights on the above "overwriting the xen kernel by
>    dom0"?

A compromised dom0 could just replace the xen kernel/hypervisor on disk and/or 
in
memory.

Your idea just has so many problems, like what are you doing to do about disk 
i/o?


Christian


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] How expensive is a VM EXIT?, Keir Fraser
Next by Date:  [Xen-devel] [PATCH]Add a flag for shadow pages, Jiang, Yunhong
Previous by Thread:  Re: [Xen-devel] Volume group "VolGroup00" not found when I boot xen, Boris Derzhavets
Next by Thread:  RE: [Xen-devel] Academic Project, dinesh chandrasekaran
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy