public inbox for kvm@vger.kernel.org
From: Avi Kivity <avi-atKUWr5tajBWk0Htik3J/w@public.gmane.org>
To: Arnd Bergmann <arnd-r2nGTMty4D4@public.gmane.org>
Cc: kvm-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 6/13] KVM: memory slot management
Date: Sun, 29 Oct 2006 11:10:16 +0200	[thread overview]
Message-ID: <45446FF8.50502@qumranet.com> (raw)
In-Reply-To: <200610271605.27600.arnd-r2nGTMty4D4@public.gmane.org>

Arnd Bergmann wrote:
>> It can shoot not only its foot, but anything the monitor's uid has 
>> access to.  Host files, the host network, other guests belonging to the 
>> user, etc.
>>     
>
> Yes, that's what I meant. It's obviously nicer if the guest can't do that,
> but it's a tradeoff of the potential security impact against how hard
> it is to implement hiding the addresses you don't want your guest to see.
> To put it into other words, do you want the optimal performance, or the
> optimal security?
>
>   

Well, isolation is one of the most significant features of full 
virtualization, both for security and reliability.  I don't think we can 
compromise that.


>> It's worse than I thought: tlb entries generated by guest accesses are 
>> tagged with the guest virtual address, so if you remove a guest 
>> physical/host virtual page you need to invalidate the entire guest tlb.
>>     
>
> Ok, so it's the HW's fault. They either copied bad or decided doing the
> s390 approach was too expensive.
>   

x86 tradition is to make all possible mistakes before getting a working 
solution.

-- 
error compiling committee.c: too many arguments to function
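The exchange above turns on one architectural fact: a TLB keyed only by guest virtual address gives the monitor no way to find, let alone invalidate, the cached translations that point at a host page it is taking away, so the safe choice after removing a slot is a full guest-TLB flush. The toy model below is an added example written for this archive page; it is not code from the thread, from KVM, or from any real TLB implementation. Addresses are small integers, "hpa" stands in for the host page backing a guest-physical page, and the three removal strategies (no invalidation, full flush, software reverse map) are assumptions chosen to make the tradeoff visible.

```python
# Toy model (added example, not code from the thread or from KVM) of why a
# guest TLB keyed only by guest virtual address (gva) forces a full flush when
# the monitor removes a guest-physical page.  Addresses are small integers.


class GuestTlb:
    """Entries are keyed by gva only, as the thread describes: the hardware
    offers per-gva invalidation or a full flush, nothing indexed by host page."""

    def __init__(self):
        self.entries = {}            # gva -> hpa

    def fill(self, gva, hpa):
        self.entries[gva] = hpa

    def lookup(self, gva):
        return self.entries.get(gva)

    def invalidate_gva(self, gva):   # INVLPG-style: needs the gva, not the hpa
        self.entries.pop(gva, None)

    def flush_all(self):
        self.entries.clear()


class Monitor:
    """The part of the VMM that owns memory slots (gpa -> hpa) and refills the
    TLB on guest faults by walking the guest page table (gva -> gpa)."""

    def __init__(self, slots, guest_page_table):
        self.slots = dict(slots)                 # gpa -> hpa (memory slots)
        self.guest_pt = dict(guest_page_table)   # gva -> gpa (guest's own tables)
        self.tlb = GuestTlb()
        self.rmap = {}                           # hpa -> {gva}, software-maintained

    def guest_access(self, gva):
        """Return the host page a guest access to gva reaches, filling on miss."""
        hpa = self.tlb.lookup(gva)
        if hpa is None:
            gpa = self.guest_pt[gva]
            if gpa not in self.slots:
                raise PermissionError(f"gpa {gpa:#x} is not backed by any slot")
            hpa = self.slots[gpa]
            self.tlb.fill(gva, hpa)
            self.rmap.setdefault(hpa, set()).add(gva)
        return hpa

    def remove_slot(self, gpa, strategy):
        """Unmap gpa and apply one of three (assumed) invalidation strategies."""
        hpa = self.slots.pop(gpa)
        if strategy == "none":           # forget to invalidate: isolation bug
            pass
        elif strategy == "flush_all":    # what gva-only tagging forces on you
            self.tlb.flush_all()
            self.rmap.clear()
        elif strategy == "rmap":         # software reverse map: targeted, but
            for gva in self.rmap.pop(hpa, ()):   # costs bookkeeping on every fill
                self.tlb.invalidate_gva(gva)
        else:
            raise ValueError(f"unknown strategy {strategy!r}")

    def stale_translations(self):
        """gva entries still resolving to a host page that backs no slot."""
        live = set(self.slots.values())
        return sorted(g for g, h in self.tlb.entries.items() if h not in live)


def run(strategy):
    """Warm the TLB, remove one slot, and report (stale gvas, entries left,
    what a guest access to a removed page now returns)."""
    slots = {0x1000: 0xA, 0x2000: 0xB}                  # constructed sample
    page_table = {0x10: 0x1000, 0x11: 0x1000, 0x20: 0x2000}
    m = Monitor(slots, page_table)
    for gva in page_table:
        m.guest_access(gva)
    m.remove_slot(0x1000, strategy)
    try:
        reach = m.guest_access(0x10)     # guest retries a removed page
    except PermissionError:
        reach = None
    return m.stale_translations(), len(m.tlb.entries), reach


if __name__ == "__main__":
    for s in ("none", "flush_all", "rmap"):
        print(s, run(s))
```

With "none" the guest still reaches host page 0xA through two stale entries, which is exactly the isolation loss the thread refuses to accept; "flush_all" is correct but throws away the unrelated entry for 0x20 as well, and "rmap" keeps that entry warm only by paying for a reverse map on every fill. That is the performance-versus-isolation tradeoff in miniature.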

