
Re: [Publicity] Blog-post RFC: Hardening Xen against VENOM-style attacks




On 05/14/2015 12:59 PM, Stefano Stabellini wrote:
> On Thu, 14 May 2015, George Dunlap wrote:
>> On 05/14/2015 11:39 AM, Anil Madhavapeddy wrote:
>>> Yeah... it's worth noting that unikernels like MirageOS or HaLVM never use 
>>> the x86 device emulation and so require a far easier to audit hypervisor 
>>> TCB that doesn't involve qemu.
>>>
>>> Also, is it worth mentioning why the qemu stub domain isn't the default?  
>>> Is it all compiled and installed in most of the hypervisor distributions on 
>>> Ubuntu/CentOS/etc?  I don't think even XenServer uses qemu stub domains, 
>>> although that might have changed in the recent release.
>>
>> Well the main reason is that qemu-upstream doesn't work with stub
>> domains yet.  Anthony worked on it for what, a year?  He got pretty far
>> but there are just a lot of thorny issues to deal with.
> 
> To be fair, there are also other reasons: memory overhead, number of
> domains doubling, and the additional complexity of having 2 QEMUs for
> each domain (there is still one QEMU in Dom0 running for each guest,
> although it just provides the PV backends).
> 

IMHO that's not necessarily a technical issue for not letting you use
stubdoms. They could charge you for the extra domain the same way as they
charge you for your main VM. They would have to have dedicated hosts
however where all domains use stubdoms, otherwise you don't become more
protected - your neighbors do.

Tamas
