Thanks for replying.

According to you, in case of full virtualization security checks are only applied at the startup of the virtual machine, whereas in para virtualization security checks are also at the hypercalls. But in full virtualization currently there are no security checks like para virtualization. I do believe that there are Chinese wall security hooks, but they only manage the starting of HVM domains. You also mean that ACM has no role to play in case of HVM domains? And also the hypervisor has no security checks on the request from the HVM guest to

From: Stefan Berger
Sent: Friday, April 06, 2007 5:32
Subject: RE: [Xense-devel] Shype/ACM for HVM guest.

<praveen.kushwaha@xxxxxxxxxxx> wrote on 04/04/2007 02:53:06 AM:

> Yes, the Chinese wall policy hook is there whether the HVM guest is allowed to run or
> But my question is that suppose the HVM
> to do some IO (disk access, printer etc). Then for the communication with the VMM, VMExit will happen (a transition from guest to VMM is done). Then, where does the shype/ACM put hooks in order to have control over resources (IO devices) for the HVM guests?

Resources that are connected to the HVM and whose parameters are provided through the VM configuration can be checked against their labeling once a domain is started using xend. Currently for HVMs only disk entries are checked. More will need to be added in this area in the future.

> As it puts hooks on hypercalls in case of
> What shype/ACM does in case of full

In case of full virtualization, the hooks on the hypercalls for grant tables and event channels are not being used. So in the HVM case, checks are only done during startup of a virtual machine.

> Praveen Kushwaha
>
> From: Stefan Berger
> Sent: Tuesday, April 03, 2007 8:29 PM
> To: Praveen
> Cc: xense-devel@xxxxxxxxxxxxxxxxxxx;
> Subject: RE: [Xense-devel] Shype/ACM for HVM
>
> "Praveen Kushwaha" <praveen.kushwaha@xxxxxxxxxxx> wrote on 04/03/2007 05:42:56 AM:
>
> > Hi,
> > Yes, that is fine; if the paravirtualized drivers are used in HVM then we can put hooks on that. But it is a different case, how actually shype/ACM works in case of
> > Since in case of VMExit/VMEntry there are no hypercalls, then how sHype/ACM
> > I mean to ask how sHype/ACM works in case of an HVM guest.
>
> In case of an HVM guest you would have the Chinese Wall Policy hooks checking whether the HVM guest is allowed to run with its current VM label. Access to resources such as image files is also checked when a virtual machine is started up.
>
> > Thanks,
> > Praveen
> >
> > From: Stefan Berger
> > Sent: Monday, April 02, 2007 7:19 PM
> > To: Praveen
> > Cc: xense-devel@xxxxxxxxxxxxxxxxxxx;
> > Subject: Re: [Xense-devel] Shype/ACM for
> >
> > xense-devel-bounces@xxxxxxxxxxxxxxxxxxx wrote on 04/02/2007 05:40:39 AM:
> >
> > > Hi,
> > >
> > > Does the Shype/ACM architecture for implementing security in xen support HVM guests also? I mean to say that, as per my knowledge, in xen 3.0.4 shype/ACM is implemented. Does this shype/ACM work also for the HVM (windows)
> >
> > HVM guests are supported in so far that the configuration of an HVM is checked when the VM is started. This is done in xend where resource assignments (disk access)
> >
> > > As per my understanding shype/ACM puts hooks on hypercalls from the hypervisor, and consults with the ACM. But in case of full virtualization, the hypervisor does not have hypercalls to communicate with the HVM guest. There is VMEntry/VMExit for communication, in which guest state and host state are saved. Since there are no hypercalls in case of full virtualization, then how does shype/ACM actually work? Where does it put hooks? Or is there any other mechanism through which it implements security in an HVM guest? If anyone has information regarding it please reply.
> >
> > This is correct. Though, if paravirtualized drivers are used in an HVM, they will also need to go through the hooks for grant table access and event channels.
> >
> > Stefan
> >
> > > Thanks,
> > > Praveen
> > >
> > > Xense-devel mailing list
> > > Xense-devel@xxxxxxxxxxxxxxxxxxx
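As an added illustration of the start-time checks Stefan describes for HVM guests (a Chinese Wall check on the domain's label against the labels of domains already running, followed by the disk entries of the VM configuration being checked against their labeling in xend), here is a small Python model. This is example code written for this page, not code from the thread, from Xen's ACM, or from xend. The policy layout, the labels, the resource types and the image paths are all constructed, and the resource check is a simplified stand-in for ACM's Simple Type Enforcement policy rather than its real implementation.

```python
"""Toy model of sHype/ACM-style start-time checks for an HVM domain.

Added example, not code from the xense-devel thread or from Xen's ACM/xend.
It models the two checks the thread attributes to domain startup:
  1. Chinese Wall: a domain may only start if its label is not in a conflict
     set together with the (different) label of a domain already running.
  2. Resource labeling: each disk entry in the VM configuration must carry a
     label whose type the starting domain's label is allowed to access
     (a simplified stand-in for ACM's Simple Type Enforcement check).
All policy data, labels and paths below are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class Policy:
    """Constructed policy data, not a real Xen ACM policy file."""
    # Chinese Wall conflict sets: two different labels from one set may not
    # run on the host at the same time.
    conflict_sets: tuple[frozenset[str], ...]
    # Domain label -> resource types that domains with that label may be given.
    allowed_types: dict[str, frozenset[str]]
    # Resource label -> resource type, as xend would look it up for a disk image.
    resource_types: dict[str, str]


@dataclass
class DomainConfig:
    """The parts of a VM configuration the start-time check looks at."""
    name: str
    label: str
    # Disk entries as (path, resource_label) pairs; only disks are checked,
    # matching what the thread says about the HVM case.
    disks: list[tuple[str, str]] = field(default_factory=list)


class AccessDenied(Exception):
    pass


def chinese_wall_conflict(policy: Policy, label: str, running: list[str]) -> str | None:
    """Return a running label that conflicts with `label`, or None if it may run."""
    for conflict_set in policy.conflict_sets:
        if label not in conflict_set:
            continue
        for other in running:
            if other != label and other in conflict_set:
                return other
    return None


def denied_disks(policy: Policy, dom: DomainConfig) -> list[str]:
    """Return the paths of disk entries whose label the domain may not access."""
    allowed = policy.allowed_types.get(dom.label, frozenset())
    bad = []
    for path, res_label in dom.disks:
        rtype = policy.resource_types.get(res_label)
        # An unlabeled resource is treated as inaccessible (fail closed).
        if rtype is None or rtype not in allowed:
            bad.append(path)
    return bad


def start_domain(policy: Policy, dom: DomainConfig, running: list[str]) -> None:
    """Model the decision made before an HVM domain is created.

    Raises AccessDenied with the reason; on success records the domain's
    label as running so later Chinese Wall checks see it.
    """
    conflict = chinese_wall_conflict(policy, dom.label, running)
    if conflict is not None:
        raise AccessDenied(
            f"{dom.name}: label {dom.label} conflicts with running label {conflict}")
    bad = denied_disks(policy, dom)
    if bad:
        raise AccessDenied(f"{dom.name}: disk entries not allowed for {dom.label}: {bad}")
    running.append(dom.label)


# Constructed sample policy: two banks in one conflict set, plus a lab label.
POLICY = Policy(
    conflict_sets=(frozenset({"BankA", "BankB"}),),
    allowed_types={
        "BankA": frozenset({"bankA_storage"}),
        "BankB": frozenset({"bankB_storage"}),
        "Lab": frozenset({"shared_storage"}),
    },
    resource_types={
        "disk_bankA": "bankA_storage",
        "disk_bankB": "bankB_storage",
        "disk_shared": "shared_storage",
    },
)


def demo() -> dict[str, str]:
    """Start four constructed HVM configurations in order; return each outcome."""
    running: list[str] = []
    configs = [
        DomainConfig("hvm-bankA", "BankA", [("/img/bankA.img", "disk_bankA")]),
        # Same conflict set as the running BankA domain -> Chinese Wall denies it.
        DomainConfig("hvm-bankB", "BankB", [("/img/bankB.img", "disk_bankB")]),
        # Label may run, but its disk entry points at BankA-labeled storage.
        DomainConfig("hvm-lab", "Lab", [("/img/bankA.img", "disk_bankA")]),
        DomainConfig("hvm-lab2", "Lab", [("/img/shared.img", "disk_shared")]),
    ]
    outcome: dict[str, str] = {}
    for dom in configs:
        try:
            start_domain(POLICY, dom, running)
            outcome[dom.name] = "started"
        except AccessDenied as err:
            outcome[dom.name] = f"denied ({err})"
    return outcome


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name:10s} {result}")
```

Note that once `start_domain` has returned, nothing in this model is consulted again: that mirrors the thread's point that an HVM guest's VMExits do not pass through ACM hooks, and only the grant-table and event-channel hypercalls of paravirtualized drivers would.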