WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] Re: Questions about the control tools in Xen

To: "xen-devel" <xen-devel@xxxxxxxxxxxxxxxxxxxxx>
Subject: [Xen-devel] Re: Questions about the control tools in Xen
From: "Inaba" <B8844014@xxxxxxxxxxxxxxxxx>
Date: Thu, 19 Feb 2004 21:35:22 +0800
Delivery-date: Thu, 19 Feb 2004 14:39:00 +0000
Envelope-to: steven.hand@xxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
In the Xenolinux source code, I found that in function of
HYPERVISOR_dom0_op, it would set the interface version to
DOM0_INTERFACE_VERSION!!
Does Xen VMM check the commands come from domain0 or not just acording with
the interface version?
If another domain boot by the xenolinux kernel as same as domain 0 and use
the privileged tools, can this domain create or delete another domains?
Another question:
How guest OS set into kernel mode from ring 3 into ring 1 insteed of ring 3
into ring 0

Thanks a lot !!

Cheers,

Inaba

> > > Recently, I have traced part of the Xen VMM code.
> > >
> > > but I have some troubles...
> > >
> > > I could not find out the function ioctl() which is called by the
> function do_privcmd() (xeno-1.2.bk/tools/xc/lib/xc_private.h)
> >
> > "man ioctl" -- its a system call
>
> I got it , thanks a lot !!!
>
> >
> > > Is the interface between guest OS and VMM just like the interface
> between OS and Hardware ?
> >
> > Similar, but different. The best overview description is in the
> > SOSP paper available off the project web page.
>
> I'm reading this paper now, but I could not understand how guest OS set
into
> kernel mode from ring 3 into ring 1 insteed of ring 3 into ring 0.
>
> which functions or codes need to be modified in Xenolinux source code?
>
> >
> > > Is there any protection in Xen VMM to protect that only Domain 0 could
> use the control tools?
> >
> > Yes. There's a concept of a 'privileged domain' that all dom0_ops
> > and other hypervisor interfaces check. In future, we may allow
> > delegations to enable, for example, domain 3 to be able to
> > control and manipulate domain 7 but no others.
>
> I'm not really understand the concept 'privileged domain'  means.
>
> but I have traced some of codes in xen.
>
> I found that pyxc_domain_create() would call the function
> xc_domain_create() -> do_dom0_op() -> do_xen_hypercall() ->
do_privcmd() ->
> ioctl()
>
> In xc_domain_create() would fill in some parameters into dom0_op_t data
> structure.
>
> But if another domain such as domain 1 calls the function
> pyxc_domain_create(), then it would create another domain ??
>
> I guess that in Xen VMM it would check the the request of operations comes
> from which domain. (domain number or address space ???)
>
> If I want to know the protection mechanism which function I need to trace
?
>
> Cheers,
>
> Inaba
>
> >
> > Best,
> > Ian
> >
>





-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

<Prev in Thread] Current Thread [Next in Thread>