|
|
|
|
|
|
|
|
|
|
xen-devel
[Xen-devel] Re: [Xen-announce] Questions about the control tools in Xen
----- Original Message -----
From: "Ian Pratt" <Ian.Pratt@xxxxxxxxxxxx>
To: "Inaba" <B8844014@xxxxxxxxxxxxxxxxx>
Cc: "Xen VMM Maillist" <xen-devel@xxxxxxxxxxxxxxxxxxxxx>;
<Ian.Pratt@xxxxxxxxxxxx>
Sent: Thursday, February 12, 2004 4:23 PM
Subject: Re: [Xen-announce] Questions about the control tools in Xen
>
> > Recently, I have traced part of the Xen VMM code.
> >
> > but I have some troubles...
> >
> > I could not find out the function ioctl() which is called by the
function do_privcmd() (xeno-1.2.bk/tools/xc/lib/xc_private.h)
>
> "man ioctl" -- its a system call
I got it , thanks a lot !!!
>
> > Is the interface between guest OS and VMM just like the interface
between OS and Hardware ?
>
> Similar, but different. The best overview description is in the
> SOSP paper available off the project web page.
I'm reading this paper now, but I could not understand how guest OS set into
kernel mode from ring 3 into ring 1 insteed of ring 3 into ring 0.
which functions or codes need to be modified in Xenolinux source code?
>
> > Is there any protection in Xen VMM to protect that only Domain 0 could
use the control tools?
>
> Yes. There's a concept of a 'privileged domain' that all dom0_ops
> and other hypervisor interfaces check. In future, we may allow
> delegations to enable, for example, domain 3 to be able to
> control and manipulate domain 7 but no others.
I'm not really understand the concept 'privileged domain' means.
but I have traced some of codes in xen.
I found that pyxc_domain_create() would call the function
xc_domain_create() -> do_dom0_op() -> do_xen_hypercall() -> do_privcmd() ->
ioctl()
In xc_domain_create() would fill in some parameters into dom0_op_t data
structure.
But if another domain such as domain 1 calls the function
pyxc_domain_create(), then it would create another domain ??
I guess that in Xen VMM it would check the the request of operations comes
from which domain. (domain number or address space ???)
If I want to know the protection mechanism which function I need to trace ?
Cheers,
Inaba
>
> Best,
> Ian
>
-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|
|
|
|
|