[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Permission for xenstore operation on HVM



On Wed, 2011-09-21 at 03:22 +0100, duolvxendev wrote:
> I'm trying to create a directory and write some messages, i.e. to some path
> like /local/domain/$DOMID/my_directory/my_key. This is OK on pv domU, but
> denied on HVM.

There is no deliberate difference between PV and HVM and indeed:
# ./xen-detect 
Running in PV context on Xen v4.2.
# xenstore-write my_directory/my_key "foo"
xenstore-write: could not write path my_directory/my_key

even if I use dom0 tools to get the domid:
# xenstore-write /local/domain/413/my_directory/my_key "foo"
xenstore-write: could not write path /local/domain/413/my_directory/my_key

If you use one of the xs areas set aside for guest use then this works. e.g.
# xenstore-write data/foo "test"

>  I can write to /local/domain/device directory by frontend
> driver, but I cannot create or write to some arbitrary path that doesn't
> exist.

Correct, the locations which a guest can write to are deliberately
restricted as explained by Stefano.

Ian.

>  It looks like that one needs special permission on HVM.
> 
> --
> View this message in context: 
> http://xen.1045712.n5.nabble.com/Permission-for-xenstore-operation-on-HVM-tp4815691p4824822.html
> Sent from the Xen - Dev mailing list archive at Nabble.com.
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.