[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xense-devel] ACM doesnt scale
>at the moment, ACM supports only 2 models, and the code doesnt scale
>enough (at all) to support more models in the future? any plan to fix
Yes - the current ACM code is a proof of concept derived from the
IBM sHype code. The model at present is that two policies (a primary
and secondary) will be in place at any time, although it is intended
that the selection of these will be more dynamic in the future. It's
not yet clear if extending this will be required, but we're certainly
aware of the structure and limitations of the current code.
>if no, i am ready to offer some code for this problem.
We don't really want to smother things with code - for the security
functionality in particular we'd prefer to generate a stable, sensible
and well-justified design or set of designs which we can consider and
If you're keen to help with this process, one important task we hope
to get rolling soon is a complete audit of the 'hypervisor interface',
aka all the regular hypercalls & dom0_ops, plus the implicit protocols
(shared info page, event channel & grant table state machines, etc) to
identify the various points at which access control or information
exchange can occur.
Xense-devel mailing list