[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] On x86_64 Xen Implementation

To: Xen-devel@xxxxxxxxxxxxxxxxxxx
From: BVK Chaitanya <bayapuneni_chaitanya@xxxxxxxxxxxx>
Date: Mon, 21 Jul 2008 16:20:22 +0530
Cc:
Delivery-date: Mon, 21 Jul 2008 03:47:24 -0700
List-id: Xen developer discussion <xen-devel.lists.xensource.com>

Hi,

Xen 3.0 inteface manual says:

On 64-bit systems it is not possible to protect the hypervisor fromuntrusted guest code running in rings 1 and 2. Guests are thereforerestricted to run in ring 3 only. The guest kernel is protected from itsapplications by context switching between the kernel and currentlyrunning application.

Can anybody explain (or provide me pointers) to what x86_64 featuresmake protecting hypervisor from untrusted guest (kernels) impossible?Is x86_64 (by-design) makes x86's 4 rings feature obsolete?



thanks,
--
bvk-chaitanya

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

Follow-Ups:
- Re: [Xen-devel] On x86_64 Xen Implementation
  - From: Andre Przywara

Prev by Date: Re: [Xen-devel] HVM direct boot broken in xen-unstable
Next by Date: [Xen-devel] [PATCH] Re: Who uses xc_gnttab_map_grant_refs?
Previous by thread: [Xen-devel] [Patch] ioemu-remote: fix gcc4 build problem (?)
Next by thread: Re: [Xen-devel] On x86_64 Xen Implementation
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.