From mboxrd@z Thu Jan  1 00:00:00 1970
From: Anthony Liguori <anthony@codemonkey.ws>
Subject: Re: Building domains as a lesser user (was Re: boot loaders
 for domain != 0)
Date: Thu, 03 Feb 2005 21:54:22 -0600
Message-ID: <4202F1EE.4000908@codemonkey.ws>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D1236FB@liverpoolst.ad.cl.cam.ac.uk> <4202EC36.8000103@codemonkey.ws> <4202EE37.4080707@diku.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
In-Reply-To: <4202EE37.4080707@diku.dk>
Sender: xen-devel-admin@lists.sourceforge.net
Errors-To: xen-devel-admin@lists.sourceforge.net
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.sourceforge.net>
List-Help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
To: Jacob Gorm Hansen <jacobg@diku.dk>
Cc: xen-devel@lists.sourceforge.net
List-Id: xen-devel@lists.xenproject.org

Jacob Gorm Hansen wrote:

> I would disagree that the trusted loader is a point of failure. It is 
> not trusted in the sense that we need to trust its code to behave 
> correctly, all we need is to trust it as not being malformed data that 
> can trigger an exploit in the domain builder, and of course it is not, 
> given that it is supplied by you the admin and not by a (potentially 
> hostile) user.

Well, it's not the same as trusting a Domain's filesystem to be proper.  
But it still requires trusting that there are no exploitable bugs in the 
software.

Using a lesser-user to create the domain within Domain-0 requires 
trusting there are no exploitable bugs in the kernel syscall interfaces.

So, it's a point of failure as much as Linux is.

> Anyway, this code is already written for Xen 1.3. You can find it at 
> http://www.diku.dk/~jacobg/self-migration/

Awesome!  This is pretty cool stuff.  Do you have plans to update for 
Xen 2.0/Linux 2.6? Kernel-driven migration seems like an appealing topic.

Regards,

> Jacob
>
>


-- 
Anthony Liguori
anthony@codemonkey.ws



-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl