[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Is there an issue with turning off "scrubbing free RAM" on boot with Xen 4.1.3

>>> On 11.11.13 at 11:14, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote:
> On Sun, 2013-11-10 at 14:25 -0800, Matt Wilson wrote:
>> On Thu, Oct 10, 2013 at 10:42:14AM +0100, Andrew Cooper wrote:
>> > In the Xen model, domains are responsible for clearing any sensitive
>> > data they have out of memory before shutdown.
>> 
>> This isn't strictly true. Memory is scrubbed by Xen when the domain
>> cannot do it for itself (i.e., when a domain is dying during
>> shutdown).
> 
> Isn't this only when the domain is killed by the toolstack or crashes
> etc. On a graceful shutdown I thought the guest was still responsible
> for clearing any memory it cared about.

No, the scrubbing is independent of the shutdown reason:

        /*
         * Normally we expect a domain to clear pages before freeing them, if 
         * it cares about the secrecy of their contents. However, after a 
         * domain has died we assume responsibility for erasure.
         */
        if ( unlikely(d->is_dying) )
            for ( i = 0; i < (1 << order); i++ )
                scrub_one_page(&pg[i]);

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.