On Thu, Nov 08, 2007 at 05:24:00PM -0600, Linas Vepstas wrote: ... > > E.g. 4 port Gige card could directly support the host and 3 guests with > > somewhat > > lower risk of tromping on each other's MMIO space. > > > > If Xen is cooperative, this seems a bit paranoid. I don't recall ever > > seeing a > > driver bug where the driver accidentally poked MMIO space at the wrong > > device. > > I presume the issue is not a driver bug per-se, but a > spying/hacking-type security issue: Having root in one guest could in > principle allow one to write a driver that snooped on data in other > guests, and/or intentionally corrupted data on other guests.
If someone has root on a guest, they could modprobe a driver that can map any unused virtual address to any physical address they want. Unless the chipset somehow blocks/refuses to route IO for that guest, then they can still poke at any other device once they figure out where addresses are being routed (e.g. directly reading configuration space or directly accessing chipset specific registers.) > I envision some ISP renting out 1/3 of a machine with a 4-port card, > and having some nosey college-kid wannabe hacker getting root on one of > the guests and causing trouble. But perhaps I'm waaaayyyyy off base > here. I agree this will make it slightly harder. Also makes it much more likely the box will crash - taking down all the guests. And someone should notice that. > (Just like occasional cigarette smoking is known to inevitably lead to > full-fledged heroin addiction, I am pretty sure that the culture of > "cheat codes" among 12-year-olds is going to lead to an epidemic of > hackers in about 10 years. I am atuned to "wannabe hacker culture"). Ok - but I think there are more serious issues if someone can get root on a remote box (ignore Virtualization). Several other possible layers of security have already been "defeated" by then. thanks, grant - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/