
Re: [Xen-devel] Proposal to allow setting up shared memory areas between VMs from xl config file



>>> On 18.05.17 at 20:09, <sstabellini@xxxxxxxxxx> wrote:
> On Mon, 15 May 2017, Wei Liu wrote:
>> On Sat, May 13, 2017 at 10:28:27AM +0800, Zhongze Liu wrote:
>> > Stefano wrote:
>> > "I think that in your scenario Xen (the hypervisor) wouldn't allow the
>> > first domain to be completely destroyed because it knows that its
>> > memory is still in use by something else in the system. The domain
>> > remains in a zombie state until the memory is not used anymore. We need
>> > to double-check this, but I don't think it will be a problem."
>> > 
>> 
>> This has security implications -- a rogue guest can prevent the
>> destruction of the owner.
> 
> We are going to use the same underlying hypervisor infrastructure, the
> end result should be no different than sharing memory via grant table
> from a security perspective. If not, then we need to fix Xen.

Yes and no. Improper use of grant table interfaces can lead to
this problem too. There the requirement is that all memory is
always owned (and granted foreign access to) by the frontend
drivers. I.e. there's a certain level of trust that backends behave
themselves. Similarly page ownership and direction of trust need
to be considered (and perhaps written down) here.

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

