Xen project Mailing List

Re: [Xen-devel] Questions on Xen

To: Aditya Pendyala <aditya.pendyala@xxxxxxxxx>

From: Pasi Kärkkäinen <pasik@xxxxxx>

Date: Tue, 16 Mar 2010 18:22:53 +0200

Delivery-date: Tue, 16 Mar 2010 09:23:30 -0700

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

On Mon, Mar 15, 2010 at 03:51:53PM +0530, Aditya Pendyala wrote: > Hi all, > I have the following questions regarding Xen hypervisor.Can you please > clarify these queries? > > * Does Xen follow any security model, in particular, does a Random Oracle > (RO) fit in Xen? Yes, Xen has Xen Security Modules (XSM). See: http://www.xen.org/files/summit_3/coker-xsm-summit-090706.pdf http://www.xen.org/files/xensummit_4/xsm-summit-041707_Coker.pdf http://www.xen.org/files/XenSecurity_SHand.pdf Those pdfs seem to be a bit old, but feel free to google for more up-to-date stuff. Especially check the various Xen Summit presentation slides available on xen.org. > * When there are concurrent Guest OS running on the same hardware, then > there has to be a mechanism for concurrency control and fairness, how > does Xen implement these? Xen has different schedulers to control cpu time sharing. Xen credit scheduler is the default scheduler nowadays. credit2 scheduler is under development. For disk-IO you can use the Linux dom0 CFQ/ionice, or things like dm-ioband. For network traffic you can use all the common Linux QoS tools, or the built-in network shaping. > * Shared memory access has to make sure that one "malicious" OS doesn't > access other's memory, where and how is this done? I don't know the internals unfortunately.. I can guess it's related to the fact that Xen hypervisor runs in the x86 ring-0, and the guests run in other ring levels. So Xen hypervisor has complete control of the guests, and it can force the security. > * Similarly with shared network, how and where is security handled in this > case so that packets meant for one OS are not accessible to other OS? If you're using routed setup then it's pretty easy to control which IP has which IP and perform firewalling in dom0. If you're using bridged network setup then you can use things like ebtables to filter the bridged traffic. Xen dom0 is usually Linux, so all the usual Linux tools can be used. > * Does xen has cryptography implementation in the code ? What do you mean exactly? > * If you have idea regarding "provable security" property of Xen , can you > give us a gist of it ? I don't really help with this one unfortunately. -- Pasi _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

References:

[Xen-devel] Questions on Xen
- From: Aditya Pendyala

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.