Re: Fw: [Xen-devel] Xen on /. again
> >>Mark Williamson wrote:
>>>>Also, I suppose you will wish to prevent covert channels between
>>>>domains, e.g. domains communicating using various timing attacks (I move
>>>>the disk head to the other end of the disk if I wish to tell you
>>>>something), or by allocating/freeing certain parts of memory.
>>>>
>>>>How much will you need to dumb down the VMs view of what is going on in
>>>>the machine to achieve this (not expose real time information, not
>>>>expose real page tables), and how much of a VMM will there be left when
>>>>you are done?
>>>
>>> Well domains are not aware of each other's memory usage, so I wouldn't have
>>> thought that allocation / exposing real page tables would matter. (Except
>>> dom0 can of course see everything if it wants).
>>
>>Information about other domains' memory usage is leaked via the
>>hardware->physical mapping.
>
>Unprivileged domains cannot see each other's hardware->physical mappings.

Oops - I read this originally as 'virtual->physical'.

The MPT does indeed currently allow domains to view each other's
hardware->physical mappings. Replacing the single MPT with per-domain
viewable sparse mapping structures is possible though, albeit at a
performance cost. Full virt with VT-x also eliminates this issue.

cheers,

S.
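The leak conceded in the reply above, as an added toy model in C (not Xen source and not code from this thread): a single table readable by every domain lets one domain watch another's allocations, while a per-domain view does not. The table size, the `INVALID` sentinel and all function names are constructed for illustration, and the ownership filter stands in for the per-domain sparse structures the reply mentions.

```c
/* Toy model (constructed, not Xen source): one machine-to-physical table
 * readable by every domain, versus a view filtered per calling domain. */
#include <stdio.h>
#define NFRAMES 16           /* constructed: a machine with 16 frames */
#define INVALID 0xFFFFFFFFu  /* constructed sentinel: "no mapping" */

static unsigned m2p[NFRAMES];   /* machine frame -> guest physical frame */
static int      owner[NFRAMES]; /* machine frame -> owning domain, -1 = free */

static void reset(void) {
    for (int m = 0; m < NFRAMES; m++) { m2p[m] = INVALID; owner[m] = -1; }
}

/* Hand `dom` up to `n` free machine frames; returns how many it got. */
static int alloc_frames(int dom, int n) {
    unsigned next_pfn = 0;
    int granted = 0;
    for (int m = 0; m < NFRAMES; m++)
        if (owner[m] == dom) next_pfn++;
    for (int m = 0; m < NFRAMES && granted < n; m++) {
        if (owner[m] != -1) continue;
        owner[m] = dom; m2p[m] = next_pfn++; granted++;
    }
    return granted;
}

/* Single shared table: the caller's identity is ignored. */
static unsigned read_shared(int caller, int mfn) { (void)caller; return m2p[mfn]; }

/* Per-domain view: frames owned by anyone else read as unmapped. */
static unsigned read_private(int caller, int mfn) {
    return owner[mfn] == caller ? m2p[mfn] : INVALID;
}

/* How many frames look mapped to `caller` through the accessor `rd`. */
static int visible_mapped(int caller, unsigned (*rd)(int, int)) {
    int seen = 0;
    for (int m = 0; m < NFRAMES; m++)
        if (rd(caller, m) != INVALID) seen++;
    return seen;
}

int main(void) {
    reset();
    alloc_frames(1, 4);                     /* domain 1 is the observer */
    for (int step = 0; step < 3; step++) {  /* domain 2 grows by 3 per step */
        alloc_frames(2, 3);
        printf("dom1 sees shared=%d private=%d\n",
               visible_mapped(1, read_shared), visible_mapped(1, read_private));
    }
    return 0;
}
```

Through the shared accessor the count seen by domain 1 tracks domain 2's allocations; through the filtered accessor it stays at domain 1's own four frames.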