|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: Fw: [Xen-devel] Xen on /. again
Mark Williamson wrote: Information about other domains' memory usage is leaked via the hardware->physical mapping.OK, I was forgetting about the domain memory reservation hypercalls. It's probably reasonable just to throw away ballooning functionality where this might be a problem.The main problem (as I see it) is going to be the network interface, whose performance depends on page-flipping. You can eliminate the security problem without hiding machine address if you copy incoming packets but that's going to hurt performance :-(Timing related attacks are somewhat trickier to eliminate covert channels in, although some randomisation can limit the bandwidth.Eliminating covert channels is completely infeasible. I don't see any value in aiming for this. It's not a useful security property in most circumstances.I agree it's not useful in the majority of circumstances. If it's required it can be implemented at a later date but the returns for the amount of time invested are likely to be smaller. It almost certainly can't be implemented at a later date. Even attempting to do so (without really succeeding) would require significant incompatible changes to the hypervisor interface. The idea of limiting covert channels should have been abandoned when it became clear that it isn't feasible without severely constraining the efficiency and functionality of an operating system. Unfortunately it is too interesting a problem, so a lot of effort has been essentially wasted in research into this area, without ever coming up with any way to limit the bandwidth to a useful extent. Attackers only need a very small bandwidth to transmit many of the things that are most useful from their point of view (cryptographic keys, passwords, compressed answers from a program that can look at any amount of data), so claims about limiting the bandwidth really just give a false sense of security. -- David Hopwood <david.nospam.hopwood@xxxxxxxxxxxxxxxx> ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |