[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] protecting xen startup

To: Luke Kenneth Casson Leighton <lkcl@xxxxxxxx>
From: Mark Williamson <maw48@xxxxxxxxxxxxxxxx>
Date: Wed, 24 Nov 2004 11:55:26 +0000 (GMT)
Cc: "Neugebauer, Rolf" <rolf.neugebauer@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 24 Nov 2004 12:01:48 +0000
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>

are you hinting at the allocation of device drivers across domains?

e.g. having one domain do the hardware side and securely
proxy-forwarding the access to that device over to another domain?

Well, this is really already done. e.g. net and block devices aresecurely shared. Domain 0 runs the real physical device driver and theunprivileged domain uses a virtual device driver to communicate itsrequests to dom0. These are requests are validated before being accepted.

Setting up these "device channels" is reasonably involved. A protocolusing the control message framework is used to communicate to the"backend" (runs in dom0 and co-ordinates sharing) and "frontend" (runs inguest and provides virtual devices to the guest) about what virtualdevices exist. The protocol is then used to establish a shared-memoryconnection between the two.

One problem here is that domain 0's control interface (used to communicatewith the backend drivers) can only have one writer. Hence it's necessaryto ensure mutual exclusion - we let Xend control writing requests to thisinterface.

As well as keeping track of various forms of state, you also need toensure that the control interface is dealt with correctly, which could bequite a bit of work.

... but i have to point out that i'm more concerned about leveraging
what is available - right now - than i am about future versions.

Sure thing. We're planning to add mandatory access control features atsome stage but that's still on the drawing board at the moment. In themeantime, there should be plenty of other fun to be had...


Cheers,
Mark


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.

Discover which products truly live up to the hype. Start reading now.http://productguide.itmanagersjournal.com/

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

References:
- RE: [Xen-devel] protecting xen startup
  - From: Neugebauer, Rolf
- Re: [Xen-devel] protecting xen startup
  - From: Luke Kenneth Casson Leighton

Prev by Date: RE: [Xen-devel] protecting xen startup
Next by Date: [Xen-devel] running Windows (albeit slowly)
Previous by thread: Re: [Xen-devel] protecting xen startup
Next by thread: RE: [Xen-devel] protecting xen startup
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.