WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-devel

Re: [Xen-devel] stubdom questions

Jan Beulich writes ("Re: [Xen-devel] stubdom questions"):
> On 09.11.10 at 18:00, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx> wrote:
> > Yes, this is intentional.  We don't want to update these unless
> > necessary, really.
> 
> So even security problems fixed in upstream packages are deemed
> to be of no concern (or if they are, need to be handled manually by
> adding patches)?

The libraries underlying stubdom aren't exposed directly to hostile
data; they communicate only with the qemu in stubdom, and dom0.
Communication with the untrusted guest is done by the qemu code.
Furthermore, the stubdom itself is supposed to be no more trusted than
the guest it is servicing.  So I think in theory almost all security
bugs in these libraries should be unexploitable in the stubdom
context.

If you could point to a counterexample that would be very interesting.

> > The stubdom build system is a bit of a mess, unfortunately.
> 
> Are there intentions to get this cleaned up?

In the long term yes, but I don't think we have it as a priority.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
