Hacker News

bpye 12/10/2024

> all you can get is DMA access into a VM that doesn't actually have much of interest in it, and no access into other VMs...

Of course you have to ensure that you harden the interface between that VM and the host sufficiently.


Replies

Syonyk 12/10/2024

Sure, this is literally the core of Qubes' security model. They run a massively stripped down Xen that eliminates a lot of the complex interfaces, the old legacy hardware emulation models, etc. If you can pivot through Xen, you own Qubes entirely - you can get to Dom0, and do whatever you want. They've gone very much out of their way to ensure that the VM-to-hypervisor interfaces are as limited as possible, and as hard as possible.