[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] pciback vs. qemu-dm vs. ?

Mark Williamson wrote:
> If you have a dedicated PCI card and really want to use Xen then I suspect 
> that the most likely way to do things will be to fiddle with pciback a bit 
> more.  Bear in mind that you're making the domain with the PCI card trusted 
> (potentially as much as dom0 itself) by giving it a PCI device to play with.

I have a few questions about pciback.hide, maybe you chaps could give me
a clue.

For starters, I'm wondering how reliable/stable it is. I've had problems
which seem to be related to IRQ or DMA not being handled correctly:

When a domU accessing a 'hidden' pci device is shut down sometimes
*other* devices in dom0 (ie other than the 'hidden' one) start having
problems. When this includes the hard drive controller one tends to have
major issues.

Also, with respect to trust of the domU with the PCI device, as I
understand it, if the device is already being handled by a driver in the
kernel (not a module) then userspace on the domU would not be able to
subvert this?

I'm thinking that if the device is in use and if it is already handled
by an in-kernel driver, then even if an attacker got root on the domU
they wouldn't be able to replace the in-kernel driver with their own and
thus not be able to 'break out' of the domU. This assumes that the domU
kernel is not modular and that the kernel file itself is in dom0 not in

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.