[XCSSA] Xen and security

xcssa@xcssa.org xcssa@xcssa.org
Tue, 9 Jan 2007 22:10:57 -0600


On Tuesday 09 January 2007 21:03, xcssa-admin@xcssa.org wrote:
> Background:
>
> Xen works by requiring that the guest OS be slightly re-written
> to avoid unsafe operations (e.g. updating page table entries) by
> using a new method (e.g. a hypervisor call to Xen).
>
> I've been reading this:
> http://www.cl.cam.ac.uk/research/srg/netos/papers/2003-xensosp.pdf

Not any more if you're running Xen 3 and using a new AMD or Intel proc with 
Pacifica or VT microcode technology respectively:
http://en.wikipedia.org/wiki/Xen


> My question is, does this mean that a guest OS can violate the
> security model if it chooses to be malicious?  I'm sort of thinking
> that guest OS code running at ring > 0 might generate an exception and
> be terminated or hose itself, but wouldn't be able to affect any other
> guest OSes or the host.  Can anyone think of a way that it could?

Got me.  I thought exceptions and interrupts (even of Dom0) should be handled 
by the hypervisor (the only true ring 0 instance)... no?

Is this Travis?

Tweeks