[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Understanding HVM DomU Isolation



Hello All,

I'm trying to build my understanding of the isolation provided to an HVM DomU. A base Xen 3.4 install on a fancy vPro system works well. It's fast enough for my needs and I'm pleased with the features. That said, I'd like to better understand the extent of separation between Dom0 and an HVM DomU. Would it be possible now, or with a feature on the current Xen roadmap, to fully decouple an HVM DomU from Dom0? To put it another way, I'm concerned that an error in my Dom0 kernel could impact the security of a mission-critical app running in an HVM DomU. What Xen tools or features can I utilize to improve or verify the isolation?

Any comments or suggested reading?

Sincerely,

Scott Kuehn

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.