Xen project Mailing List

Re: [Xen-devel] Regarding Xen security....

To: "Petersson, Mats" <Mats.Petersson@xxxxxxx>

From: "David Pilger" <pilger.david@xxxxxxxxx>

Date: Mon, 15 Jan 2007 19:05:09 +0200

Cc: Praveen Kushwaha <praveen.kushwaha@xxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx

Delivery-date: Mon, 15 Jan 2007 09:04:41 -0800

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=JDu04tKyeO2PUINAWLc7ce0wFe6Q+BJoaodn0H0ncZz9QwgoWG2nO+UsLkUxVmSuS/ncMfy11m2Iw+HXc1/3btiJdkr89eFYZ/CMaV7MbzE0vfSr0G282EJGdnIGs0mtFwE9hpwvz3KfdtjyOswj+iphn1Hx1H1QjlQeaboev3o=

List-id: Xen developer discussion <xen-devel.lists.xensource.com>

On 1/15/07, Petersson, Mats <Mats.Petersson@xxxxxxx> wrote:

The key, however, is that to use any of this, there are two conditions
required:
1. Access to run at Ring 0 - and assuming that this is not so difficult
is probably fair, but it also means that the system isn't really secure
anyways, because as soon as some arbitrary code can run in Ring 0, it's
able to do ANYTHING in the system that it likes [although it may be a
little bit of hard work to actually go from a trivial exploit to
actually gain full control over the system].
2. That there isn't some other use of the SVM/VMX feature in place
already - as of current, neither of these techniques are nestable, so
once some code has gained control of the SVM/VMX feature, anyone else
attempting the same thing will fail in some respect.

Yep. saying that VT-x is unsecure in some manner is exactly like saying that ring0 is not secure... _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.