From: "Dan Magenheimer" <dan.magenheimer@oracle.com>
To: "viets@work.de" <viets@work.de>
Cc: "xen-devel@lists.xensource.com" <xen-devel@lists.xensource.com>
Subject: RE: [PATCH] xenballoond (memory overcommit) scripts
Date: Tue, 1 Jul 2008 08:19:25 -0600
Message-ID: <20080701081925000.00000003744@djm-pc>
In-Reply-To: <486A1DB3.7050308@work.de>

Hi Viets --

A guest can't be ballooned without its "permission".
The original implementation had the selfballooning
in the guest's balloon driver, which could be rmmod'd
inside the guest, so I don't think the old model
was more secure than the new, which puts the selfballooning
in a daemon.  The worst that a malicious guest can do in
either case is ensure it always gets all the memory that's
assigned to it.

Or have you thought of a different attack scenario?

Thanks for the testing.  Make sure you try running
"watch -d xenballoond-monitor" in domain0.

Thanks,
Dan

> -----Original Message-----
> From: viets@work.de [mailto:viets@work.de]
> Sent: Tuesday, July 01, 2008 6:06 AM
> To: dan.magenheimer@oracle.com
> Cc: xen-devel@lists.xensource.com
> Subject: Re: [Xen-devel] [PATCH] xenballoond (memory overcommit) scripts
> 
> 
> Hello,
> 
> Is it a good idea to run a memory balloon process in a domU? As you know
> I've tested your xenbus selfballooning, I've thought this makes more sense?
> 
> I thought it would be more secure and better for policing reasons to run
> in dom0?
> 
> I've just tested the script and it works fine, now I will try it for a
> short period...
> 
> greetings
> Viets
> 
> Dan Magenheimer wrote:
> > Attached is the current xenballoond script-set I
> > talked about at Xen Summit 2008 that supports
> > memory overcommit.
> >
> > I've had a number of requests for the scripts and,
> > though more polishing would be nice, it makes sense
> > to push them upstream so that others in the community
> > can try/test them and improve on them.
> >
> > Note that there is no impact on any xen installation
> > or on any guest unless the scripts are intentionally
> > installed and configured on one or more guests.
> >
> > See the README and conf files for more info.
> >
> > All files are new so, in addition to the patch,
> > these hg add commands will need to be done in
> > the main tree.
> >
> > hg add tools/xenballoond
> > hg add tools/xenballoond/xenballoond.init
> > hg add tools/xenballoond/xenballoond
> > hg add tools/xenballoond/xenballoon.conf
> > hg add tools/xenballoond/xenballoon.README
> > hg add tools/xenballoond/xenballoon-monitor
> >
> > Signed-off-by: Dan Magenheimer <dan.magenheimer@oracle.com>
> >
> > Thanks,
> > Dan
