This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


RE: [Xen-ia64-devel] Time for hybrid virtualization?

Quoting "Xu, Anthony" <anthony.xu@xxxxxxxxx>:

> tgingold@xxxxxxx wrote:
> > I am worried with Sal/Pal.  How do you prevent dom0 from making host
> > PAL calls?
> We have handled this before in a private project.
> Xen can know the pal_entry and sal_entry from the system_table,
> There are two methods to intercept them.
> 1. change the pal_entry and sal_entry of system_table to faked entry
> point.
> 2. patch pal_entry and sal_entry code to jump to a faked code sequence.
> Method 2 is more secure, because native FW may store pal_entry and
> sal_entry at other place.

Let's forget method 1.

With method 2, I suppose a copy is created first (ie, you don't patch the
host pal).  I am not sure there is no direct call from EFI that bypass the
pal/sal entry.


Xen-ia64-devel mailing list

<Prev in Thread] Current Thread [Next in Thread>