Re: [Xen-users] pciback vs. qemu-dm vs. ?
Mark Williamson wrote:
[snip]
> If you have a dedicated PCI card and really want to use Xen then I suspect
> that the most likely way to do things will be to fiddle with pciback a bit
> more. Bear in mind that you're making the domain with the PCI card trusted
> (potentially as much as dom0 itself) by giving it a PCI device to play with.

I have a few questions about pciback.hide, maybe you chaps could give me a clue.

For starters, I'm wondering how reliable/stable it is. I've had problems which seem to be related to IRQ or DMA not being handled correctly: When a domU accessing a 'hidden' pci device is shut down, sometimes *other* devices in dom0 (i.e. other than the 'hidden' one) start having problems. When this includes the hard drive controller one tends to have major issues.

Also, with respect to trust of the domU with the PCI device, as I understand it, if the device is already being handled by a driver in the kernel (not a module) then userspace on the domU would not be able to subvert this? I'm thinking that if the device is in use and if it is already handled by an in-kernel driver, then even if an attacker got root on the domU they wouldn't be able to replace the in-kernel driver with their own and thus not be able to 'break out' of the domU. This assumes that the domU kernel is not modular and that the kernel file itself is in dom0, not in domU.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users