|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] How to crash nics and hosts
On Friday 05 August 2005 11:10, Andreas Seuss wrote: > >Maybe someone finds a way to abuse such behaviour? Does it pose a > >possible security threat or can this issue just be disregarded? Well, domains with hardware access can't really be made secure, and IIRC the documentation also tells so.. Just imagine a busmaster capable PCI device: the domU with access to it could instruct it to overwrite arbitrary memory locations, even inside the hypervisor. So unless the hypervisor traps ALL hardware accesses, and checks them for validity (which would require xen to know everything about all hardware to be used, ...) before executing, a malicious domain with hardware access can always crash the system... That approach would be rather slow (about the speed of completely emulated hardware I'd suppose), so just exporting virtual devices from a driver domain is way easier (and probably much faster) if you need protection from malicious domUs Maybe the hardware support for virtualization in the next generation CPUs will provide a solution there... /Ernst _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |