Christian,
> That implies the protection hardware is not controlled by the dom0 and
> there is another more secure way for the administration of it and second
> that the dom0 can't do anything.
Absolutely. You are correct.
> The dom0 can afaik do basically anything, so it also can claim "i'm
> secure domU No. 2 and i want my data!", furthermore the dom0 should also be
> able to overwrite the xen kernel.
I guess the domain scheduling is done by the VMM and not by dom0?
Through VMM Hooks, the VMM is made to inform the device about the domain scheduled to run.
So dom0 cannot claim to be any domU.
> furthermore the dom0 should also be able to overwrite the xen kernel.
Can you throw some lights on the above "overwriting the xen kernel by dom0"?
regards,
Dinesh C
> Date: Wed, 4 Mar 2009 01:55:36 +0100
> From: christian@xxxxxxxx
> To: dinesh_chan8@xxxxxxxxxxx
> CC: xen-devel@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-devel] Academic Project
>
> On Wed, Mar 04, 2009 at 06:00:40AM +0530, dinesh chandrasekaran wrote:
>
> Hi dinesh
>
> > 1) dom0 is another linux kernel which runs in ring 3 (IA64) along with
> > other guests with more privileges.
> > 2) It runs the management tools (xm) which is the point of user
> > interaction for desktop virtualization.
> > Hence the goal is to protect the guest memory/state from compromised dom0.
>
> That implies the protection hardware is not controlled by the dom0 and
> there is another more secure way for the administration of it and second
> that the dom0 can't do anything.
>
> The dom0 can afaik do basically anything, so it also can claim "i'm
> secure domU No. 2 and i want my data!", furthermore the dom0 should also be
> able to overwrite the xen kernel.
>
> > By the way, I'm sorry I use PCIe board and not PCI .
>
> Does not matter, it has the same latency, you'll get 10-20 MB/s memory
> performance.
>
>
> Christian
Turn life your way with Windows on your PC, internet & mobile. Also WIN laptops & mobiles at Try it!
|
