Re: xend leaks/bugs/etc - Hollis Blanchard

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Hollis Blanchard <hollisb@us.ibm.com>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Xen-devel <xen-devel@lists.xensource.com>
Subject: Re: xend leaks/bugs/etc
Date: Mon, 18 Apr 2005 10:27:35 -0500	[thread overview]
Message-ID: <1113838055.7546.6.camel@localhost.localdomain> (raw)
In-Reply-To: <4263CF05.2030906@us.ibm.com>

On Mon, 2005-04-18 at 10:15 -0500, Anthony Liguori wrote:
> >Finally, the xend code seems to trust input it receives from domains
> >which is incompatible with the architectural goal of VM isolation.
> >  
> This is a very big problem.  One very difficult issue to address is
> how to deal with very hostile domains that may attempt DoS attacks by 
> flooding their own console.

This isn't really a xend issue. I'm not sure this *can* be addressed,
and I believe other hypervisors have this problem as well.

At some point, you have to acknowledge there will be *some* resource
sharing among otherwise isolated domains. Switching domains on a single
CPU will increase cache misses; domains doing lots of (valid and
allowed) IO will reduce shared bus bandwidth for other domains; etc...

-- 
Hollis Blanchard
IBM Linux Technology Center

next prev parent reply	other threads:[~2005-04-18 15:27 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-04-17 15:42 xend leaks/bugs/etc Ian Pratt
2005-04-18  6:00 ` Allen Short
2005-04-18 14:32   ` Harry Butterworth
2005-04-18 15:15     ` Anthony Liguori
2005-04-18 15:27       ` Hollis Blanchard [this message]
2005-04-18 15:45         ` Anthony Liguori
2005-04-18 16:16           ` Hollis Blanchard
2005-04-18 16:49             ` Harry Butterworth
2005-04-18 18:01             ` Anthony Liguori
2005-04-18 17:53               ` Hollis Blanchard
2005-04-20  7:10                 ` Jacob Gorm Hansen
2005-04-20 14:16                   ` Anthony Liguori
2005-04-21 22:58                     ` Jacob Gorm Hansen
2005-04-22  0:21                       ` Anthony Liguori
2005-04-18 15:58       ` Harry Butterworth
2005-04-18 21:33       ` Mike D. Day
  -- strict thread matches above, loose matches on Subject: below --
2005-04-18 23:12 Ian Pratt
2005-04-20  7:54 ` Jacob Gorm Hansen
2005-04-20 14:34   ` Hollis Blanchard
2005-04-16 18:08 Allen Short

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1113838055.7546.6.camel@localhost.localdomain \
    --to=hollisb@us.ibm.com \
    --cc=aliguori@us.ibm.com \
    --cc=xen-devel@lists.xensource.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.