Re: RE: [Xen-devel] Re: domUloader kernel command line arguments?

To: Ian Pratt <m+Ian.Pratt@xxxxxxxxxxxx>
Subject: Re: RE: [Xen-devel] Re: domUloader kernel command line arguments?
From: Kurt Garloff <garloff@xxxxxxx>
Date: Sun, 12 Mar 2006 21:40:44 +0100
Cc: Matt Ayres <matta@xxxxxxxxxxxx>, xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxx>, John Byrne <john.l.byrne@xxxxxx>
Organization: SUSE/Novell
Hi Ian,

On Fri, Mar 10, 2006 at 11:41:40PM -0000, Ian Pratt wrote:
> > > I know there were some complaints to the implementation,
> > 
> > I'm aware of two complaints
> > (1) security concerns (you _mount_ the FS in dom0)
> 
> This is certainly a fair concern. I'd wager most linux filesystem code
> can quite easily be subverted by a maliciously crafted on-disk bit
> pattern.

You underestimate the quality of Linux FS. Keep in mind that these would
all be vulnerabilities that you'd be able to exploit by inserting CDs
or USB sticks as a normal user.
That said, it would certainly be good to audit the FS code and I would
expect that the kernel FS implementations are not perfect in that area,
especially not the less commonly used ones. FS metadata could have been
considered trusted prior to the invention of removable media. 

> > (2) the use of kpartx from multipath-tools which seems to be missing
> >     from some ancient distros
> 
> Not so ancient... I've never managed to make kpartx work on anything
> other than a SuSE distro.

Strange.
Should I try to provide multipath-tools RPMs/DEBs for other distros?

> > (1) is a feature and it's the reason why we probably will have pygrub
> >     coexist with domUloader :-(
> > (2) we could help, by using fdisk -l and losetup rather than kpartx
> >     if the latter is missing; though fdisk -l would limit the supported
> >     partition tables to DOS ones.
> 
> I'm not a fan of pygrub as that requires very new versions of the
> filesystem libraries (to support "open2" and hence partition table
> offsets).
> 
> Perhaps we should be considering having both in tree? I've somewhat lost
> track of where we are in the discussion as regards to support for Sun's
> UFS. Could someone please generate a summary?

If you want an fdisk -l losetup / lomount fallback for domUloader to make
it usable by more people, that would be something I could work on.

Best,
-- 
Kurt Garloff, Head Architect Linux, Novell Inc.
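
As an added illustration of the fdisk -l / losetup fallback discussed in this message (not code from domUloader, pygrub or any poster): a sketch that reads a DOS partition table in user space and bounds-checks each primary entry before its offset would be passed to `losetup -o`. The function names, the 512-byte sector size and the sample MBR are assumptions made for the example; logical partitions inside an extended partition are skipped.

```python
import struct

SECTOR = 512  # assumed logical sector size
EXTENDED = (0x05, 0x0F, 0x85)  # containers for logical partitions


def mbr_entry(ptype, lba, count):
    """Build one 16-byte partition entry (used only for the constructed sample)."""
    return struct.pack("<B3xB3xII", 0, ptype, lba, count)


# Constructed sample: one Linux (0x83) partition at sector 63, 1000 sectors long.
SAMPLE_MBR = bytes(446) + mbr_entry(0x83, 63, 1000) + bytes(48) + b"\x55\xaa"


def dos_partitions(mbr, image_size):
    """Return [(number, type, byte_offset, byte_length)] for primary entries.

    mbr is the first sector of a guest-controlled image, so every field is
    checked against image_size before it is trusted as a loop-device offset.
    """
    if len(mbr) < SECTOR or mbr[510:512] != b"\x55\xaa":
        raise ValueError("no DOS partition table signature")
    parts = []
    for i in range(4):
        entry = mbr[446 + 16 * i:446 + 16 * (i + 1)]
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sectors
        _status, ptype, lba, count = struct.unpack("<B3xB3xII", entry)
        if ptype == 0 or count == 0 or ptype in EXTENDED:
            continue  # unused slot, or extended container (not handled here)
        start, length = lba * SECTOR, count * SECTOR
        if lba == 0 or start + length > image_size:
            raise ValueError("partition %d lies outside the image" % (i + 1))
        parts.append((i + 1, ptype, start, length))
    # Overlapping entries are rejected rather than mapped twice.
    ordered = sorted(parts, key=lambda p: p[2])
    for a, b in zip(ordered, ordered[1:]):
        if a[2] + a[3] > b[2]:
            raise ValueError("partitions %d and %d overlap" % (a[0], b[0]))
    return parts


if __name__ == "__main__":
    for num, ptype, off, length in dos_partitions(SAMPLE_MBR, 2048 * SECTOR):
        print("partition %d type 0x%02x: losetup -o %d" % (num, ptype, off))
```
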
