This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


Re: [Xen-devel] [PATCH 0/3] domUloader

To: Anthony Liguori <aliguori@xxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH 0/3] domUloader
From: Jeremy Katz <katzj@xxxxxxxxxx>
Date: Wed, 18 Jan 2006 13:06:04 -0500
Cc: Xen development list <xen-devel@xxxxxxxxxxxxxxxxxxx>, Kurt Garloff <garloff@xxxxxxx>
In-reply-to: <43CCDA6E.5040608@xxxxxxxxxx>
References: <20060116234330.GC17087@xxxxxxxxxxxxxxxxxxxxxx> <43CCDA6E.5040608@xxxxxxxxxx>
On Tue, 2006-01-17 at 05:52 -0600, Anthony Liguori wrote: 
> Kurt Garloff wrote:
> >domUloader parses the bootentry (passed via --entry=) and the disk
> >setup (passed via --disks=). It then sets up loop devices as needed,
> >scans for partition tables (the exported disks / loop devs can
> >contain partitions) using kpartx (dm) and sets them up, so the kernel
> >and initrd can be copied to a temporary location in dom0. 
> >
> Just to clarify, this means that domU filesystems are being mounted in 
> dom0?  I knew there were some security concerns voiced about this many 
> months ago.  I think one of the advantages to using libext2 was that it 
> theoretically allowed the filesystem parsing to be done as a 
> non-privileged user.

The other concern with mounting is that there have been some cases where
changes to filesystems have broken reading new filesystems with older
kernels.  It's a lot easier to get the library that supports more (and
less has to be supported, so you're less likely to need to make changes)
than to upgrade your kernel for dom0.
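
An added example, not part of this thread and not code from domUloader or libext2: a sketch of the two points discussed above, reading an untrusted guest ext2/ext3 superblock in an ordinary userspace process and refusing images whose incompat feature bits the reader does not know. The function names, the supported-feature set and the sample image are assumptions constructed for illustration.

```python
import struct

SUPERBLOCK_OFFSET = 1024       # ext2/ext3 superblock sits 1024 bytes into the volume
EXT2_MAGIC = 0xEF53
INCOMPAT_FILETYPE = 0x0002     # directory entries carry a file type
INCOMPAT_EXTENTS = 0x0040      # ext4 extent-mapped files
SUPPORTED_INCOMPAT = INCOMPAT_FILETYPE  # assumption: all this reader understands

class UnsupportedFilesystem(Exception):
    """The image is malformed or needs features this reader lacks."""

def parse_superblock(image: bytes) -> dict:
    """Validate an untrusted ext2/ext3 superblock before trusting any field."""
    sb = image[SUPERBLOCK_OFFSET:SUPERBLOCK_OFFSET + 1024]
    if len(sb) < 104:
        raise UnsupportedFilesystem("image too short to hold a superblock")
    (magic,) = struct.unpack_from("<H", sb, 56)
    if magic != EXT2_MAGIC:
        raise UnsupportedFilesystem(f"bad magic {magic:#06x}")
    (log_block_size,) = struct.unpack_from("<I", sb, 24)
    if log_block_size > 6:                 # sanity bound: 1 KiB << 6 = 64 KiB
        raise UnsupportedFilesystem("implausible block size")
    (blocks_per_group,) = struct.unpack_from("<I", sb, 32)
    (inodes_per_group,) = struct.unpack_from("<I", sb, 40)
    if blocks_per_group == 0 or inodes_per_group == 0:
        raise UnsupportedFilesystem("zero group size")  # would divide by zero later
    (rev_level,) = struct.unpack_from("<I", sb, 76)
    (incompat,) = struct.unpack_from("<I", sb, 96)
    # Feature words only exist from revision 1 on; unknown incompat bits mean
    # the on-disk format changed in a way this reader cannot interpret.
    unknown = incompat & ~SUPPORTED_INCOMPAT if rev_level >= 1 else 0
    if unknown:
        raise UnsupportedFilesystem(f"unknown incompat features {unknown:#x}")
    return {"block_size": 1024 << log_block_size, "rev_level": rev_level,
            "incompat": incompat if rev_level >= 1 else 0}

def make_image(incompat=INCOMPAT_FILETYPE, magic=EXT2_MAGIC, log_block_size=0):
    """Build a constructed, minimal test image (superblock only)."""
    sb = bytearray(1024)
    struct.pack_into("<I", sb, 24, log_block_size)
    struct.pack_into("<I", sb, 32, 8192)   # blocks per group
    struct.pack_into("<I", sb, 40, 128)    # inodes per group
    struct.pack_into("<H", sb, 56, magic)
    struct.pack_into("<I", sb, 76, 1)      # dynamic revision
    struct.pack_into("<I", sb, 96, incompat)
    return bytes(SUPERBLOCK_OFFSET) + bytes(sb)
```

Supporting a newer on-disk format here means extending `SUPPORTED_INCOMPAT` and the reader code, with no change to the dom0 kernel.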

