RE: [Xense-devel] Shype/ACM for HVM guest.

"Praveen Kushwaha" <praveen.kushwaha@xxxxxxxxxxx> wrote on 04/06/2007 08:26:38 AM:

> Hi,
> Thanks for replying.
> According to you, in case of full virtualization security checks are only
> applied at the startup of the virtual machine, whereas in para virtualization
> security checks are also at the hypercalls. But in full virtualization
> currently there are no security checks like in para virtualization. I do
> believe that there are Chinese wall security hooks, but they only manage
> the starting of HVM domains.
> Do you also mean that ACM has no role to play in case of HVM domains?

We are not saying that it 'has no role to play'. The current ACM support for HVMs is limited and we will investigate this in the future.

> And also the hypervisor has no security checks on the request from HVM
> guest to hypervisor?

A fully virtualized guest will currently not run through the types of ACM hooks that paravirtualized domains are running through.

Stefan

> Thanks,
> Praveen Kushwaha
>
> From: Stefan Berger [mailto:stefanb@xxxxxxxxxx]
> Sent: Friday, April 06, 2007 5:32 AM
> To: Praveen Kushwaha
> Cc: xense-devel@xxxxxxxxxxxxxxxxxxx; xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
> Subject: RE: [Xense-devel] Shype/ACM for HVM guest.
>
> "Praveen Kushwaha" <praveen.kushwaha@xxxxxxxxxxx> wrote on
> 04/04/2007 02:53:06 AM:
>
> > Hi,
> > Yes, the Chinese wall policy hook is there for checking whether the
> > HVM guest is allowed to run or not.
> > But my question is that suppose the HVM guest wants to do some IO
> > (disk access, printer etc). Then for the communication with the VMM,
> > a VMExit will happen (a transition from the HVM guest to the VMM is done).
> > Then, where does shype/ACM put hooks in order to have control over
> > resources (IO devices) for the HVM guests?
>
> IO devices that are connected to the HVM and whose parameters are
> provided through the VM configuration can be checked against their
> labeling once a domain is started using xend. Currently for HVMs
> only disk entries are checked. More will need to be added in this
> area in the future.
>
> > As it puts hooks on hypercalls in case of paravirtualization,
> > what does shype/ACM do in case of full virtualization?
>
> In case of full virtualization, the hooks on the hypercalls for
> grant tables and event channels are not being used. So in the HVM case,
> checks are only done during startup of a virtual machine.
>
> Stefan
>
> > Thanks,
> > Praveen Kushwaha
> >
> > From: Stefan Berger [mailto:stefanb@xxxxxxxxxx]
> > Sent: Tuesday, April 03, 2007 8:29 PM
> > To: Praveen Kushwaha
> > Cc: xense-devel@xxxxxxxxxxxxxxxxxxx; xense-devel-bounces@xxxxxxxxxxxxxxxxxxx
> > Subject: RE: [Xense-devel] Shype/ACM for HVM guest.
> >
> > "Praveen Kushwaha" <praveen.kushwaha@xxxxxxxxxxx> wrote on
> > 04/03/2007 05:42:56 AM:
> >
> > > Hi,
> > > Yes, that is fine: if the paravirtualized drivers are used in HVM
> > > then we can put hooks on that. But it is a different case how
> > > shype/ACM actually works in case of VMExit/VMEntry.
> > > Since in case of VMExit/VMEntry there are no hypercalls, how does
> > > sHype/ACM implement security?
> > > I mean to ask how sHype/ACM works in case of an HVM guest.
> >
> > In case of an HVM guest you would have the Chinese Wall Policy hooks
> > checking whether the HVM guest is allowed to run with its current VM label.
> > Access to resources such as image files is also checked when a
> > virtual machine is started up.
> >
> > Stefan
> >
> > > Thanks,
> > > Praveen Kushwaha
> > >
> > > From: Stefan Berger [mailto:stefanb@xxxxxxxxxx]
> > > Sent: Monday, April 02, 2007 7:19 PM
> > > To: Praveen Kushwaha
> > > Cc: xense-devel@xxxxxxxxxxxxxxxxxxx; xense-devel-bounces@lists.xensource.com
> > > Subject: Re: [Xense-devel] Shype/ACM for HVM guest.
> > >
> > > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 04/02/2007 05:40:39 AM:
> > >
> > > > Hi,
> > > > Does the Shype/ACM architecture for implementing security in
> > > > xen support HVM guests also? I mean to say that, as per my
> > >
> > > HVM guests are supported in so far that the configuration of an HVM
> > > is checked when the VM is started. This is done in xend where
> > > resource assignments (disk access) are validated.
> > >
> > > > knowledge, in xen 3.0.4 shype/ACM is implemented. Does this
> > > > shype/ACM work also for the HVM (windows) guest?
> > > > As per my understanding shype/ACM puts hooks on hypercalls from
> > > > the hypervisor, and consults with the ACM. But in case of full
> > > > virtualization, the hypervisor does not have hypercalls to
> > > > communicate with the HVM guest. There is VMEntry/VMExit for
> > >
> > > This is correct. Though, if paravirtualized drivers are used in an
> > > HVM, they will also need to go through the hooks for grant table
> > > access and event channels.
> > >
> > > Stefan
> > >
> > > > communication, in which guest state and host state are saved. Since
> > > > there are no hypercalls in case of full virtualization, how does
> > > > shype/ACM actually work? Where does it put hooks? Or is there any
> > > > other mechanism through which it implements security in an HVM guest?
> > > > If anyone has information regarding it please reply.
> > > >
> > > > Thanks,
> > > > Praveen Kushwaha
> > > >
> > > > _______________________________________________
> > > > Xense-devel mailing list
> > > > Xense-devel@xxxxxxxxxxxxxxxxxxx
> > > > http://lists.xensource.com/xense-devel

_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
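The startup-time checks Stefan describes for HVM domains (a Chinese Wall check of the VM label against the domains already running, and a label check of the disks listed in the VM configuration, with no further hook at I/O time), as a simplified Python model added here for illustration; it is not Xen's sHype/ACM code, and the policy, labels, types and disk paths are constructed sample values.

```python
# Simplified model of the ACM startup-time checks described in the thread.
# Added for illustration; this is not Xen's sHype/ACM code. Labels, types,
# the conflict set and the disk paths are constructed sample values.
from dataclasses import dataclass


@dataclass
class Policy:
    conflict_sets: list    # Chinese Wall: types that must not run concurrently
    vm_chwall: dict        # VM label -> set of Chinese Wall types
    ste_types: dict        # VM or resource label -> set of STE types


def chwall_allows_run(policy, running_labels, new_label):
    """A VM may start only if none of its Chinese Wall types shares a conflict
    set with a *different* type carried by an already running VM."""
    new_types = policy.vm_chwall[new_label]
    for running in running_labels:
        for cs in policy.conflict_sets:
            clashing = (cs & policy.vm_chwall[running]) - new_types
            if clashing and (cs & new_types):
                return False
    return True


def ste_allows_resource(policy, vm_label, resource_label):
    """STE-style check: the VM may use a resource only if the labels share a type."""
    return bool(policy.ste_types[vm_label] & policy.ste_types[resource_label])


def acm_check_domain_start(policy, running_labels, vm_label, disks):
    """Startup decision for an HVM domain: one Chinese Wall check plus an STE
    check per configured disk. Returns (allowed, reasons). As the thread says,
    no later hook runs for HVM I/O (VMExit), so this is the only check point."""
    reasons = []
    if not chwall_allows_run(policy, running_labels, vm_label):
        reasons.append(f"Chinese Wall conflict: {vm_label} vs {running_labels}")
    for path, label in disks.items():
        if not ste_allows_resource(policy, vm_label, label):
            reasons.append(f"disk {path} ({label}) not accessible from {vm_label}")
    return (not reasons, reasons)


SAMPLE_POLICY = Policy(   # constructed sample policy
    conflict_sets=[frozenset({"CompanyA", "CompanyB"})],
    vm_chwall={"dom0": {"SystemManagement"}, "hvm-a": {"CompanyA"},
               "hvm-b": {"CompanyB"}},
    ste_types={"dom0": {"SystemManagement", "A", "B"}, "hvm-a": {"A"},
               "hvm-b": {"B"}, "disk-a": {"A"}, "disk-b": {"B"}},
)

if __name__ == "__main__":
    print(acm_check_domain_start(SAMPLE_POLICY, ["dom0", "hvm-a"], "hvm-b", {"/srv/b.img": "disk-b"}))
```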