WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [patch 5/5] xen: net features

On Tue, Feb 01, 2005 at 12:00:17AM -0000, Ian Pratt wrote:
> > > I can't see why making the frontend MAC readonly can really be done
> > > securely within the domain.
> > 
> > Well, if you have module support enabled in the kernel, or some way
> > that lets root write to random (domain) memory, then it's not really
> > secure, although i think it's still a nice to have. Otherwise i would
> > think it should be reasonably secure?
> 
> You need root access to change the mac normally, and its trivial for
> root to change it under your scheme -- running sed on /dev/mem would do
> it...

I was thinking of something along the lines of adding a tiny bit of code
to remove the CAP_SYS_MODULE and CAP_SYS_RAWIO capabilities from the global
set of allowed cap's when using the readonly option. With that in place you're
down to requiring a kernel-hole to get around it.

> > > > (2) the addition of some xen-specific sysfs attributes
> > > > on front/back vifs, 
> > > 
> > > What attributes?
> > 
> > Backend:
> > - xen/fe.domain: frontend domain name
> > - xen/fe.initial_address: initial frontend interface mac address
> > - xen/fe.mac_mode: mac mode of the frontend interface (r/w)
> > - xen/be.mac_mode: mac mode of the backend interface (r/w)
> > 
> > Frontend:
> > - xen/mac_mode: mac mode of the interface
> 
> What's the naming convention for multiple fe/bs's.

Ah, sorry. I've had my head stuck in the sysfs system so much lately
I didn't get enough context. Network interfaces appear within sysfs as:

/sys/class/net/INTNAME

so, eg, /sys/class/net/vif1.0. The paths above are located within that,
so you'd have /sys/class/net/vif1.0/xen/fe.initial_address

> I can see some point having the be enforce the MAC, and possibly in
> having the enforcement address being configurable via sysfs. I'm not a
> big fan of this section of the patch, though.

The entire idea of it or just the current attributes?


J

-- 
Jody Belka
knew (at) pimb (dot) org


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel