[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] Re: Exploiting XEN

From: "Kraska, Joe A \(US SSA\)" <joe.kraska@xxxxxxxxxxxxxx>
Date: Thu, 15 Mar 2007 12:42:50 -0700
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 15 Mar 2007 12:41:56 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>
Thread-index: AcdnMD5rqF49dHt7SSOGsC+f2oh+agACaz4Q
Thread-topic: [Xen-users] Re: Exploiting XEN

> > I guess that's a fair comment too. Dom0 is a large part of a Xen
> > environment, and if Dom0 is compromised, then Xen can't really do
that
> > much to prevent the system from being crashed, subverted or other
> > malicious acts. But I believe Xen itself is "safe" from Dom0 being
> > compromised
> 
> It's not.  Dom0 (or any IO domain) has direct access to DMA
controllers.
>   It can use DMA to overwrite the hypervisor's memory with arbitrary
data.

I believe he was saying that dom0 was "safe" from an attempt to
compromise
originating out of a domU. No domU can be safe from dom0. That should be
understood.

Joe.



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Follow-Ups:
- RE: [Xen-users] Re: Exploiting XEN
  - From: Tim Post

References:
- Re: [Xen-users] Exploiting XEN
  - From: Daniel P. Berrange
- RE: [Xen-users] Exploiting XEN
  - From: Petersson, Mats
- [Xen-users] Re: Exploiting XEN
  - From: Anthony Liguori

Prev by Date: Re: [Xen-users] xen hotplug scripts not working
Next by Date: [Xen-users] Bridge networking needs proxy ARP?
Previous by thread: [Xen-users] Re: Exploiting XEN
Next by thread: RE: [Xen-users] Re: Exploiting XEN
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.