This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


Re: [Xen-devel] netif & grant tables

To: Mark Williamson <mark.williamson@xxxxxxxxxxxx>
Subject: Re: [Xen-devel] netif & grant tables
From: Stefan Berger <stefanb@xxxxxxxxxx>
Date: Fri, 1 Jul 2005 23:15:13 -0400
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx, Matt Chapman <matthewc@xxxxxx>
In-reply-to: <200507020256.26823.mark.williamson@xxxxxxxxxxxx>

Mark Williamson <mark.williamson@xxxxxxxxxxxx> wrote on 07/01/2005 09:56:26 PM:

> > If someone has the matching problem for my solution, then let me know. 
> > Otherwise I think the problem of making domains privileged should 
> > be solved - probably starting somewhere in XEN-D.
> There should probably be a flag you pass down from the config.  The 

It could be done implicitly, meaning that if you give a domain a backend 
(netif/blkif), that privilege flag will automatically be set by XEN-D and 
used when creating the domain, or explicitly where one specifies the 
flag(s) to set in the VM config file.

> hack people use is to give the domain access to a PCI device but not 
> in the drivers.  Driver domains are privileged at the moment, so it 
> works :-S

From what I can see this does not work anymore - I used to do that also. 
Passing a PCI device to a partition results in an error since the 
xc_physdev_pci_access_modify call ends in an error.

> With full grant tables support, full privilege is not necessary, just a 
> from the other party.  That's probably the nicest long term solution and 
> also hook in with a suitable IO-TLB to provide protection against rogue 

I am not sure how 'privilege' is defined. The privilege does so far not 
only mean to do dom 0 ops, but seems to also limit guest domains from doing 
other things - like the backend problem I see. I agree, though, that for 
grant table support a backend should not need privileges.

> Cheers,
> Mark

