|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] RAM security
I looked into this sometime this last year. I believe the answer is "no": the domain destruction routines will zero memory before handing it back to Xen. One potential data leak, however (last time I looked at this), is that Xen does not scrub memory handed back by the balloon driver. So if the guest OS hasn't scrubbed it, and it contains sensitive information, it may end up being assigned to another domain as-is (either via ballooning or start-of-day domain creation). At the moment that's considered the guest's responsibility. -George On Mon, Dec 6, 2010 at 2:35 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote: > Hi Everyone, > > In Xen, is a DomU able to access data in RAM which a previous DomU has > stored in the past, but didn't "zero" it? > > I understand that this is a problem with physical disks (using phy:/), just > wondering if the same stands with RAM > > Thanks > > _______________________________________________ > Xen-devel mailing list > Xen-devel@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-devel > > _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |