WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

RE: [Xen-devel] frontend and backend devices and differenttypes of hw -

To: "Mark Williamson" <mark.williamson@xxxxxxxxxxxx>, "Stefan Berger" <stefanb@xxxxxxxxxx>
Subject: RE: [Xen-devel] frontend and backend devices and differenttypes of hw - pci for example
From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
Date: Sun, 4 Sep 2005 14:02:49 +0100
Cc: Sting Zax <zstingx@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx, xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Delivery-date: Sun, 04 Sep 2005 13:00:47 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcWxADY/wBU/d7w2TvWTqJP7SkGR1wAUJ3vw
Thread-topic: [Xen-devel] frontend and backend devices and differenttypes of hw - pci for example
> While I'm on the subject, I'd personally like to see guests 
> granted IO access slightly differently.  There are two ways 
> to grant IO access on x86: change the IOPL (giving the guest 
> access to all IO ports) or set IO bits in the TSS (giving 
> fine grained control).  The problem with the latter is that guest
> *apps* will be able to access the hardware; essentially x86 
> gives you coarse grained control and ring-level protection, 
> or vice-versa.
> 
> Since people often like to partition their systems using Xen, 
> I don't really like giving apps easy access to the hardware 
> in this way.  I'd like to have the option of trapping IO port 
> writes in Xen and verifying the guest's IO privileges in 
> software, then emulating the write. 

That's how it works in -unstable today...

Ian

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>