
Re: [Xen-devel] Re: Questions about the control tools in Xen



> In the Xenolinux source code, I found that in function of
> HYPERVISOR_dom0_op, it would set the interface version to
> DOM0_INTERFACE_VERSION!!
> Does Xen VMM check the commands come from domain0 or not just according to
> the interface version?

DOM0_INTERFACE_VERSION is #defined in xen/include/hypervisor-ifs/dom0_ops.h 
(which holds various details about the valid dom0 ops and their data 
structures).  The idea is that whenever there is a change to the interface, 
the interface version number will be changed.  This way, if you're using a set 
of control tools that were built for an older version of the interface, Xen 
will see that the version is different (the check for this is in 
xen/common/dom0_ops.c::do_dom0_op() ).  This is to prevent people using 
control tools that are built with the wrong interface.

> If another domain boot by the xenolinux kernel as same as domain 0 and use
> the privileged tools, can this domain create or delete another domains?

The xenolinux kernel normally used by dom0 includes a control interface for 
sending commands to Xen from the control tools.  The interface consists of 
some files under /proc/xeno/ - you've probably already seen some of the code 
related to this.

If you boot other domains using this kernel then they will also have those 
special files BUT they *won't* be able to use them to do privileged control 
ops *unless* they are made privileged.  By default, other domains are not made 
privileged, so usually the control interface in /proc/xeno won't do anything 
in non-0 domains.  If you want you can build a different kernel for your 
non-privileged domains, removing the control interface in the kernel config.

When domains attempt to perform privileged operations, Xen checks that they 
are really allowed to do them (i.e. that they are privileged).  You can see 
one such check at the start of xen/common/dom0_ops.c::do_dom0_op() - Xen 
returns an EPERM error if the domain is not privileged.

Well, that's the detail.  But in summary: only privileged domains can access 
the Xen control interface.  Domains (other than 0) are unprivileged by 
default.  The /proc/xeno interface only works on privileged domains, on others 
it won't do anything.

HTH.

Mark



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
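
The two checks described in the reply above, as an added C model (not Xen source and not part of the original post). The struct and function names, the version constant and the error code for a version mismatch are assumptions made for illustration; only the EPERM result for unprivileged callers comes from the message.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed value for this model; the real constant lives in dom0_ops.h. */
#define MODEL_INTERFACE_VERSION 0x0001u

/* Hypothetical stand-ins: state the hypervisor keeps about each domain,
 * and the request structure the guest fills in and passes down. */
struct model_domain  { unsigned id; int privileged; };
struct model_dom0_op { unsigned cmd; unsigned interface_version; };

/* Authorization is decided from hypervisor-held state about the caller.
 * The interface_version field is written by the caller, so it can only
 * serve as a compatibility check, never as proof of privilege. */
int model_do_dom0_op(const struct model_domain *caller,
                     const struct model_dom0_op *op)
{
    if (!caller->privileged)
        return -EPERM;     /* per the post: checked at the start */
    if (op->interface_version != MODEL_INTERFACE_VERSION)
        return -EINVAL;    /* assumed error code for stale control tools */
    return 0;              /* a real handler would dispatch op->cmd here */
}

/* Helper: issue one op as a domain with the given privilege and version. */
int try_op(int privileged, unsigned version)
{
    struct model_domain  d  = { privileged ? 0u : 1u, privileged };
    struct model_dom0_op op = { 0u, version };
    return model_do_dom0_op(&d, &op);
}

int main(void)
{
    /* Unprivileged guest running the dom0 kernel: version matches, still refused. */
    printf("unprivileged, matching version: %d\n",
           try_op(0, MODEL_INTERFACE_VERSION));
    /* Privileged domain using tools built against an older interface. */
    printf("privileged, stale version:      %d\n",
           try_op(1, MODEL_INTERFACE_VERSION - 1));
    /* Privileged domain with matching tools. */
    printf("privileged, matching version:   %d\n",
           try_op(1, MODEL_INTERFACE_VERSION));
    return 0;
}
```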


 

