|
|
|
|
|
|
|
|
|
|
xense-devel
Re: [Xense-devel] Shype/ACM for HVM guest.
xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 04/02/2007
05:40:39 AM:
> Hi,
> Does
Shype/ACM architecture for implementing security in
> xen supports HVM guest also? I mean to say that, as per my
HVM guests are supported in so far that the configuration
of an HVM is checked when the VM is started. This is done in xend where
resource assignments (disk access) are validated.
> knowledge in xen 3.0.4 shype/ACM is implemented.
Does this
> shype/ACM work also for the HVM (windows) guest?
>
As per my understanding shype/ACM puts hook on
> hypercalls from the hypervisor, and consult with the ACM. But in
> case of full virtualization, hypervisor does not have hypercalls to
> communicate with HVM guest. There is VMEntry/VMExit for
This is correct. Though, if paravirtualized drivers
are used in an HVM, also they will need to go through the hooks for grant
table access and event channels.
Stefan
> communication, in which guest state and host state are saved. Since
> there are no hypercalls in case of full virtualization then
how the
> actually shype/ACM works. Where does it put hooks? Or is there any
> other mechanism through which it implements security in HVM guest.
> If any one has information
regarding it please reply.
>
> Thanks,
> Praveen Kushwaha
>
>
>
> _______________________________________________
> Xense-devel mailing list
> Xense-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xense-devel
_______________________________________________
Xense-devel mailing list
Xense-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xense-devel
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [Xense-devel] Shype/ACM for HVM guest.,
Stefan Berger <=
|
|
|
|
|