[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] xend leaks/bugs/etc
On Mon, 2005-04-18 at 10:45 -0500, Anthony Liguori wrote: > Hollis Blanchard wrote: > > >On Mon, 2005-04-18 at 10:15 -0500, Anthony Liguori wrote: > > > >>This is a very big problem. One very difficult issue to address is > >>how to deal with very hostile domains that may attempt DoS attacks by > >>flooding their own console. > > > >This isn't really a xend issue. I'm not sure this *can* be addressed, > >and I believe other hypervisors have this problem as well. > > > I'm not sure I agree. Since Xen only provides shared-memory and event > channels, the tools control how frequently they look at shared-memory > (so a tool can throttle itself). The only possible DoS venue should be > the event channels. The tools should simply be able to unbind from > event channels that are considered hostile. And how exactly would you distinguish between a hostile domain and a mission-critical-yet-chatty domain? Or would you indiscriminately drop console data from all overly talkative domains? -- Hollis Blanchard IBM Linux Technology Center _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |