|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] working xen domU kernel with PHYSDEV_ACCESS?
> 2005-05-02, h keltezéssel 18.19-kor Mark Williamson ezt írta:
> > You should just be able to use the dom0 kernel itself - have you tried
> > that?
>
> That works. Ok.
> I think I've misunderstood something in the docs/list archives.
> As I understand, the privileged guest (dom0 kernel) has full privileges
> to the xen command interface (so that can manage domains)
Yes, dom0 has those privileges. This is, however, *independent* of the kernel
image it uses. The PRIVILEGED_GUEST option compiles a kernel that knows
*how* to access the privileged control interface. Unless Xen gives it this
privilege, it still won't be able to manage domains.
Thus, using a xen0 kernel in a domU does not in any way imply reduced
security. In fact, from a security PoV it doesn't matter what kernel you use
in a guest domain - the worst a guest can do is allow *itself* to be
compromised. It's not a risk to the rest of the machine to allow users to
compile their own kernels.
> and is a
> backend for other domains. The docs also says that a block device
> backend can't be a block device frontend, so that can't use a device
> from an other backand (the Domain-0 for example). But it seems that it
> can...
At the time, it was not possible for a domain to *actively* use both its
backend driver and its frontend driver. This is not true anymore in the
unstable tree for network devices but is still true in the stable tree AFAIK.
There's no problem with a domain having both drivers compiled in, it just
can't use them both at once.
> Can I disable the PRIVILEGED_GUEST option of the dom0 kernel when I want
> to use that one as a guest with physical device (some pci device)
> access?
You can if you want but if you give a guest physical device access, it'll
still have (almost) dom0 privileges, you just won't be able to *use* the
management interface (so easily) from userspace. Don't let anyone you don't
trust use this domain ;-)
Privileges for guests with physical device access will gradually get tightened
up with the introduction of grant tables in the unstable / 3.0 tree.
Cheers,
Mark
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|