xen-devel

Re: [Xen-devel] [PATCH RFC 0/5] Grant table for console, xenstore pages

To: "Diego Ongaro" <diego.ongaro@xxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH RFC 0/5] Grant table for console, xenstore pages
From: "Derek Murray" <Derek.Murray@xxxxxxxxxxxx>
Date: Mon, 14 Jul 2008 15:55:08 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 14 Jul 2008 07:55:32 -0700
On Mon, Jul 14, 2008 at 3:37 PM, Diego Ongaro <diego.ongaro@xxxxxxxxxx> wrote:
> Derek Murray wrote:
>> I imagine you've already seen this, but the thread beginning
>> here has some historical context:
>>
>> http://lists.xensource.com/archives/html/xense-devel/2007-05/msg00004.html
>
> No, I didn't know about that thread. It's disappointing to see that I've
> duplicated your efforts in patches 1-3 of my series.

On the contrary, I think this is a much nicer approach - especially as
it doesn't require any modifications to the hypervisor. Therefore I
think it will be a better fit for the mainline repository.

> Did you ever finish polishing those patches? Based on the discussion,
> there were just a couple things left to clean up.

If I remember correctly, I did do some more work on those patches to
make the use of gntdev optional, but I don't think they were ready for
prime-time. I'll look them out and send them to you off list, in case
they might be of any use.

>>> I'm working on moving xenstored into a dedicated, unprivileged domain.
>
> Have you also worked on this, Derek? I wouldn't want to keep working on
> something you've already done...

I haven't worked on this myself, but I vaguely recall hearing of
efforts to disaggregate XenStore - I don't think any of these are
publicly available. Is the main aim of this work to enhance security
or performance? If the former, how do you plan to launch the XenStore
domain? From Dom0, or using another mechanism?

My personal inclination is to enhance Xen so that the tools no longer
run as root (a conventional Unix-based privilege separation), which
provides a low-cost improvement in Dom0 security. This would build on
your patches to use gntdev for console and XenStore access, and use
modifications to gntdev that allow non-root users to map certain
explicitly-specified grants. This would provide a route to
disaggregating all necessarily-trusted functionality on systems that
would benefit from it (i.e. IOMMU-equipped systems). If you'd like, we
could discuss this approach further.

Regards,

Derek Murray.
