[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] guest kernel clarifications

> In past Xen versions, setting a kernel to support privliged drivers or be a
> priviliged domain (0) was a kernel config.  But driver domains are not
> supported in Xen3 yet, as far as I understand.

They'll be back soonish - probably in 3.0.2, I believe.

> In Xen2, could a guest be booted with such a configured kernel but without
> priviliges because domain 0 did not tell the domain builder it was OK? 


> Someone recently told me in person that there was such a configuration. 
> i.e., it was not only the kernel configuration but some other domain
> building flag and both were required to make it happen?

Whether the guest knows how to access the privileged interfaces of Xen or 
drive real devices (these are set in the kernel config) is orthogonal to 
whether the guest is allowed to access those interfaces at runtime (these are 
part of the domain config).

The domain building setting is the important one: an unprivileged domain just 
*can't* see or access the real devices, no matter what its kernel contains.  
A domain with device access is inherently more trusted.

It's perfectly safe to use a dom0 kernel in a domU with no devices, and have 
Xen ensure the domU stays unprivileged.


Dave: Just a question. What use is a unicyle with no seat?  And no pedals!
Mark: To answer a question with a question: What use is a skateboard?
Dave: Skateboards have wheels.
Mark: My wheel has a wheel!

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.