[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] working xen domU kernel with PHYSDEV_ACCESS?



> 2005-05-02, h keltezéssel 18.19-kor Mark Williamson ezt írta:
> > You should just be able to use the dom0 kernel itself - have you tried
> > that?
>
> That works. Ok.
> I think I've misunderstood something in the docs/list archives.
> As I understand, the privileged guest (dom0 kernel) has full privileges
> to the xen command interface (so that can manage domains)

Yes, dom0 has those privileges.  This is, however, *independent* of the kernel 
image it uses.  The PRIVILEGED_GUEST option compiles a kernel that knows 
*how* to access the privileged control interface.  Unless Xen gives it this 
privilege, it still won't be able to manage domains.

Thus, using a xen0 kernel in a domU does not in any way imply reduced 
security.  In fact, from a security PoV it doesn't matter what kernel you use 
in a guest domain - the worst a guest can do is allow *itself* to be 
compromised.  It's not a risk to the rest of the machine to allow users to 
compile their own kernels.

> and is a 
> backend for other domains. The docs also says that a block device
> backend can't be a block device frontend, so that can't use a device
> from an other backand (the Domain-0 for example). But it seems that it
> can...

At the time, it was not possible for a domain to *actively* use both its 
backend driver and its frontend driver.  This is not true anymore in the 
unstable tree for network devices but is still true in the stable tree AFAIK.

There's no problem with a domain having both drivers compiled in, it just 
can't use them both at once.

> Can I disable the PRIVILEGED_GUEST option of the dom0 kernel when I want
> to use that one as a guest with physical device (some pci device)
> access?

You can if you want but if you give a guest physical device access, it'll 
still have (almost) dom0 privileges, you just won't be able to *use* the 
management interface (so easily) from userspace.  Don't let anyone you don't 
trust use this domain ;-)

Privileges for guests with physical device access will gradually get tightened 
up with the introduction of grant tables in the unstable / 3.0 tree.

Cheers,
Mark

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.