30 messages in com.xensource.lists.xen-develRe: [Xen-devel] [PATCH][ACM] kernel e...
FromSent OnAttachments
Bryan D. Payne24 Jul 2006 09:23.diff
Keir Fraser24 Jul 2006 10:28 
Bryan D Payne24 Jul 2006 13:09 
Reiner Sailer24 Jul 2006 17:20 
Keir Fraser25 Jul 2006 02:52 
Bryan D Payne25 Jul 2006 10:45 
Steven Hand25 Jul 2006 11:48 
Mike D. Day26 Jul 2006 06:25 
Keir Fraser26 Jul 2006 06:49 
Reiner Sailer26 Jul 2006 08:47 
Mike D. Day26 Jul 2006 10:45 
Keir Fraser26 Jul 2006 11:06 
Mike D. Day26 Jul 2006 11:23 
Andrew Warfield26 Jul 2006 11:49 
Reiner Sailer26 Jul 2006 14:21 
Harry Butterworth26 Jul 2006 15:22 
Reiner Sailer26 Jul 2006 15:51 
Andrew Warfield26 Jul 2006 16:04 
Harry Butterworth26 Jul 2006 18:40 
Harry Butterworth27 Jul 2006 02:41 
Reiner Sailer27 Jul 2006 08:37 
Harry Butterworth27 Jul 2006 09:26 
Harry Butterworth27 Jul 2006 09:36 
Reiner Sailer27 Jul 2006 09:58 
Harry Butterworth27 Jul 2006 10:06 
Harry Butterworth27 Jul 2006 10:18 
Reiner Sailer27 Jul 2006 10:38 
Harry Butterworth27 Jul 2006 10:43 
Reiner Sailer27 Jul 2006 10:52 
Harry Butterworth27 Jul 2006 11:37 
Subject:Re: [Xen-devel] [PATCH][ACM] kernel enforcement of vbd policies via blkback driver
From:Harry Butterworth (har@hebutterworth.freeserve.co.uk)
Date:07/27/2006 09:36:20 AM
List:com.xensource.lists.xen-devel

On Thu, 2006-07-27 at 17:26 +0100, Harry Butterworth wrote:

untrusted driver domain <-> trusted encryption domain <-> FE-domain hypervisor trusted access control domain

Another argument in favour of this kind of approach is that if your BE is something like a fibrechannel driver for a SAN, there isn't actually any security on the SAN side of it so any guarantees provided by the driver domain are pretty much worthless.

Harry.

_______________________________________________ Xen-devel mailing list Xen-@lists.xensource.com http://lists.xensource.com/xen-devel