[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 3 of 7] xen: allows more hypercalls from stubdoms

On 12/10/2009 18:20, "Stefano Stabellini" <stefano.stabellini@xxxxxxxxxxxxx>

> +        case XEN_DOMCTL_ioport_mapping:
> +        case XEN_DOMCTL_memory_mapping:
> +        case XEN_DOMCTL_bind_pt_irq:
> +        case XEN_DOMCTL_unbind_pt_irq:
> +        case XEN_DOMCTL_assign_device:
> +        case XEN_DOMCTL_deassign_device:

This kind of thing, for example, while we're talking about least
privilege... I think it's wrong-headed in the first place for this kind of
control-plane activity to be going on in qemu. Surely it belongs in the
toolstack? Yes, I know it's a pain in the bum that this means modifying
multiple toolstacks! :-)

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.