[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] How to get a completely isolated virtual time using Xen?



Referring to the following quote
https://www.kernel.org/doc/Documentation/virtual/kvm/timekeeping.txt

> 4.8) Covert channels and leaks

> In addition to the above problems, time information will inevitably
leak to the guest about the host in anything but a perfect
implementation of virtualized time.  This may allow the guest to infer
the presence of a hypervisor (as in a red-pill type detection), and it
may allow information to leak between guest by using CPU utilization
itself as a signalling channel.  Preventing such problems would require
completely isolated virtual time which may not track real time any
longer.  This may be useful in certain security or QA contexts, but in
general isn't recommended for real-world deployment scenarios.

How to get a completely isolated virtual time with the virtualizer Xen?

Cheers,
Patrick

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.