[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-devel] Grant tables from dom0 userspace?



I agree user-mode mappings would be a very useful addition to Xen.

*** However ***

Following much of Andrew's work in my own driver, I've tried to create
general purpose user-mode mappings based on grant tables.  The results
are unsatisfactory.  You'll encounter some tricky domain crashes that
have been discussed already on this list.  I've hacked around many of
the problems, such as implicit unmapping of grant references, but others
remain.  Some of the issues have no resolution in the grant table
architecture.

If you have something working now, I'd stick with it.

IMHO, before user-mode mappings can be robustly supported, we'll have to
leave grant tables for a fresh approach.

-steve

-----Original Message-----
From: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
[mailto:xen-devel-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Cihula,
Joseph
Sent: Thursday, March 09, 2006 10:25 AM
To: Keir Fraser; Jacob Gorm Hansen
Cc: Andrew Warfield; xen-devel Devel
Subject: RE: [Xen-devel] Grant tables from dom0 userspace?

(Combining w/ Christopher's reply:)

I would add my support to providing this as a common service to
userspace (as opposed to just creating a solution that works for your
project).

Using xc_foreign_mapping interfaces may work for dom0 code but it
requires the domain to be privileged and does not have fine-grained
permissions (i.e. if you can map something then you can map anything).
Grant tables are a much better, from a security POV, solution to sharing
memory.

Joseph Cihula
(Linux) Software Security Architect
Open Source Technology Center
Intel Corp.

*** These opinions are not necessarily those of my employer ***

On Thursday, March 09, 2006 10:13 AM,  Keir Fraser <> wrote:
> I think blktap gives an example how to do this, but it might be 
> specific to aio right now. You could probably use some of the same 
> hooks to provide a device file that you could mmap(), passing grant 
> refs to map. I cc'ed Andy Warfield in case he has any ideas...
> 
> The only other supported mechanism is the xc_foreign mapping 
> interfaces.

On Thursday, March 09, 2006 10:10 AM,  Christopher Clark <> wrote:
> Grant tables aren't the right interface for use from userspace, which 
> is why tools/libxc/xc_gnttab.c was removed. You should probably just 
> write a kernel module to do the mapping for you using grant tables and

> then expose a custom interface to userspace from the module to trigger

> the mapping as you need.

> On 9 Mar 2006, at 17:59, Jacob Gorm Hansen wrote:
> 
>> I would like to share some pages between my domU graphics frontend 
>> device, and the backend which runs in userspace in dom0. Right now I 
>> am doing this with my own scheme, but presumably grant tables would 
>> be the correct solution.
>> 
>> Is it possible to use grant tables from dom0 userspace? There used to

>> be a file called tools/libxc/xc_gnttab.c but that seems to be gone 
>> now.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.