[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Questions about PVH in Xen 4.3 unstable



On Wed, Jan 30, 2013 at 10:52 AM, tech mailinglists <mailinglists.tech@xxxxxxxxx> wrote:
I thought that stubdoms for HVMs are great for security. Can it still be used for PV-on-HVM for security? Can only Linux run as PVH and Windows and so on still run as HVM?

Stubdoms increase security by isolating the qemu process, so that it's not running in domain 0.  PV domains (and by extension PVH domains) don't have a qemu process, and are therefore are secure without needing a stubdom.

Yes, PVH is an extension of PV; so only operating systems which can be ported to PV will support PVH.

Microsoft could of course port Windows to PV or PVH; in fact, the original 2003 Xen paper included tests run on a PV-ported version of Windows XP done by the guys at Microsoft Research, Cambridge.  But it seems pretty unlikely that they'll ever do such a thing again. :-)

 -George

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.