| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] guest kernel clarifications
> In past Xen versions, setting a kernel to support privliged drivers or be a
> priviliged domain (0) was a kernel config. But driver domains are not
> supported in Xen3 yet, as far as I understand.
They'll be back soonish - probably in 3.0.2, I believe.
> In Xen2, could a guest be booted with such a configured kernel but without
> priviliges because domain 0 did not tell the domain builder it was OK?
Yes.
> Someone recently told me in person that there was such a configuration.
> i.e., it was not only the kernel configuration but some other domain
> building flag and both were required to make it happen?
Whether the guest knows how to access the privileged interfaces of Xen or
drive real devices (these are set in the kernel config) is orthogonal to
whether the guest is allowed to access those interfaces at runtime (these are
part of the domain config).
The domain building setting is the important one: an unprivileged domain just
*can't* see or access the real devices, no matter what its kernel contains.
A domain with device access is inherently more trusted.
It's perfectly safe to use a dom0 kernel in a domU with no devices, and have
Xen ensure the domU stays unprivileged.
Cheers,
Mark
--
Dave: Just a question. What use is a unicyle with no seat? And no pedals!
Mark: To answer a question with a question: What use is a skateboard?
Dave: Skateboards have wheels.
Mark: My wheel has a wheel!
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home