Xen project Mailing List

Re: [Xen-devel] Re: What is more secure? HVM or PV ?

To: "Petersson, Mats" <Mats.Petersson@xxxxxxx>

From: "David Pilger" <pilger.david@xxxxxxxxx>

Date: Tue, 19 Dec 2006 13:02:34 +0200

Delivery-date: Tue, 19 Dec 2006 03:02:25 -0800

Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=UTPIM1WCtVh/nEnORFqiRwF9nDZMTLthC3i5/yU4hIlCIxqidq4niZFZ3M8K3YW+KmSsr+BDL0SmqYHVcO0BS3HhlmBBlRyhpbe11zMWKpDcmQMR3ezOExOiEACKiKXjn40eU+5/oxJoYPi4uKCmwCs0tGPFwUkPNW28LjJzakc=

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

On 12/19/06, Petersson, Mats <Mats.Petersson@xxxxxxx> wrote:


What's the goal of the attack - to take control of the system or to just
be a nuisance and crash it?

The goal is to gain control over domain0, as the root user.


To take control, I suspect the easiest approach is known kernel holes
and a direct attack on Dom0.

DomU is probably capable of causing Dom0 to crash - at least there's
been bugs like that in the HVM side of the hypervisor - most of the PV
side is probably more immunce thanks to greater maturity of the code.

Are there any attack vectors that aren't directly related to Xen if dealing with PV, such as kernel facilities + processor architecture or stuff like that? If we'll look at it from a lines of code POV, then I guess that HVMs are less secure (vmexit handler / parsers / qemu), that code is not mature either. So, Is there any obvious conclusion about this topic? Or we can say that the security is the same in PV as in HVM? David. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.