From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:36831) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1beMfP-0007JI-1w for qemu-devel@nongnu.org; Mon, 29 Aug 2016 09:32:00 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1beMfI-0003TO-9Y for qemu-devel@nongnu.org; Mon, 29 Aug 2016 09:31:57 -0400 Received: from nm37-vm5.bullet.mail.ne1.yahoo.com ([98.138.229.133]:51891) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1beMfI-0003TH-39 for qemu-devel@nongnu.org; Mon, 29 Aug 2016 09:31:52 -0400 Date: Mon, 29 Aug 2016 12:51:20 +0000 (UTC) From: Reply-To: Message-ID: <110743700.1285610.1472475080274@mail.yahoo.com> MIME-Version: 1.0 References: <110743700.1285610.1472475080274.ref@mail.yahoo.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: [Qemu-devel] A question about postcopy safety List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "dgilbert@redhat.com" , qemu-devel@nongnu.org Hi=C2=A0David,I'm studying the process of postcopy migration, and I found t= hat the memory pages migrated from source to destination are not encrypted.= Does this make the VM vulnerable if it's memory has been tampered with dur= ing postcopy migration? I think precopy has less risk because the source's memory is always alterin= g. If one page is tampered with during network transfer, with source still = running, then a later version of that page may keep updating. So it would b= e quite difficult to track all different page versions, and tamper with the= final version of one page. But when it comes to postcopy, the situation is riskier because one specifi= c page is only transferred once. It's easy to capture all transferring memo= ry pages, tamper and resend. When the memory been tampered with, the safety of the VM will be compromise= d. Any ideas? thank you!Liutao