[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 5/6] tools/libxl: Allow dom0 to be destroyed

On 03/10/2014 12:45 PM, Ian Jackson wrote:
Daniel De Graaf writes ("Re: [PATCH 5/6] tools/libxl: Allow dom0 to be 
In reply to both this and Jan's earlier email:
So this gets deleted without replacement? How is the hardware
domain being protected from (accidental or malicious) deletion
then? Even if this is being dealt with in the hypervisor, I'd be
afraid of the failure resulting in a cryptic error message instead
of the very clear one above.

The existing check seems to be a useful guard against accidentally
breaking parts of a running system.  Would requiring a -f flag on the
destroy operation to work on domain 0 be preferable?

That would be tolerable if we can't find a better way to tell whether
it's safe or not.

I guess you don't want dom0 to be able to destroy itself - or do you ?
Perhaps the right answer is to require -f for a domain to destroy


A domain can't destroy itself anyway (the hypervisor prevents this), so
if there was a simple way for xl to check if the domain ID was its own
ID, this would work.  I am not aware of a good, simple way to make this
check, so leaving it at preventing dom0's destruction will at least not
regress in usability.

Daniel De Graaf
National Security Agency

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.