WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 

Re: [Xen-users] How to crash nics and hosts

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] How to crash nics and hosts
From: Ernst Bachmann <e.bachmann@xxxxxxxx>
Date: Fri, 5 Aug 2005 11:38:25 +0200
Delivery-date: Fri, 05 Aug 2005 09:36:51 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <42F32D12.2080207@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <42F32C24.1070002@xxxxxxxxxxxxxxxxxxxxxxx> <42F32D12.2080207@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: KMail/1.8.1
On Friday 05 August 2005 11:10, Andreas Seuss wrote:

> >Maybe someone finds a way to abuse such behaviour? Does it pose a
> >possible security threat or can this issue just be disregarded?

Well, domains with hardware access can't really be made secure, and IIRC the 
documentation also says so.

Just imagine a busmaster-capable PCI device:
the domU with access to it could instruct it to overwrite arbitrary memory 
locations, even inside the hypervisor.

So unless the hypervisor traps ALL hardware accesses, and checks them for 
validity (which would require Xen to know everything about all hardware to be 
used, ...) before executing, a malicious domain with hardware access can 
always crash the system...

That approach would be rather slow (about the speed of completely emulated 
hardware I'd suppose), so just exporting virtual devices from a driver domain 
is way easier (and probably much faster) if you need protection from 
malicious domUs.

Maybe the hardware support for virtualization in the next generation CPUs will 
provide a solution there...

/Ernst
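
A toy model of the argument in this message, added here as an illustration; it is not part of the original post and not Xen code. The page layout, the ownership table and all function names are assumptions: the checked path stands in for the per-access validation the message says the hypervisor would need, and it covers the case where a transfer starts in a page the domU owns but runs into a page it does not.

```c
#include <stdint.h>
#include <string.h>
/* Constructed toy layout: 8 pages of machine memory.
 * Pages 0-1: dom0, pages 2-5: the domU that owns the device, pages 6-7: hypervisor. */
#define PAGE_SIZE 4096u
#define NPAGES    8u
enum owner { DOM0, DOMU, HYPERVISOR };
static uint8_t machine_mem[NPAGES * PAGE_SIZE];
static const enum owner page_owner[NPAGES] =
    { DOM0, DOM0, DOMU, DOMU, DOMU, DOMU, HYPERVISOR, HYPERVISOR };

/* A bus-master write as the device performs it: the CPU is not involved, so
 * nothing consults page_owner. Only the bounds of the toy array are enforced. */
int dma_write_unchecked(uint64_t addr, const void *src, size_t len)
{
    if (addr > sizeof machine_mem || len > sizeof machine_mem - addr)
        return -1;
    memcpy(machine_mem + addr, src, len);
    return 0;
}

/* The same write behind a validity check: every page the transfer touches,
 * not just the first one, must belong to the requesting domain. */
int dma_write_checked(enum owner dom, uint64_t addr, const void *src, size_t len)
{
    if (len == 0) return 0;
    if (addr >= sizeof machine_mem || len > sizeof machine_mem - addr)
        return -1;                      /* also rejects addr + len wrap-around */
    for (uint64_t p = addr / PAGE_SIZE; p <= (addr + len - 1) / PAGE_SIZE; p++)
        if (page_owner[p] != dom)
            return -1;
    return dma_write_unchecked(addr, src, len);
}

/* Returns 1 while every byte in hypervisor-owned pages is still zero. */
int hypervisor_intact(void)
{
    for (size_t i = 0; i < sizeof machine_mem; i++)
        if (page_owner[i / PAGE_SIZE] == HYPERVISOR && machine_mem[i] != 0)
            return 0;
    return 1;
}

int main(void)
{
    int ok  = dma_write_checked(DOMU, 6 * PAGE_SIZE - 8, "0123456789abcdef", 16);
    int raw = dma_write_unchecked(6 * PAGE_SIZE - 8, "0123456789abcdef", 16);
    return !(ok == -1 && raw == 0 && !hypervisor_intact());
}
```

The program exits 0 when the checked path refuses the boundary-crossing transfer and the unchecked path lets the same transfer alter a hypervisor page.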
