xen-devel
Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid
"Christian Limpach" <christian.limpach@xxxxxxxxx> writes:
> On 5/19/06, Chris Wright <chrisw@xxxxxxxxxxxx> wrote:
>> * Keir Fraser (Keir.Fraser@xxxxxxxxxxxx) wrote:
>> > Christian has a fair point that, if you're just reading it out of
>> > xenstore, you could do that directly from user space. I suppose there
>> > is an argument of necessary privileges to do so however, since you need
>> > to be root to open the xenstore device file.
>>
>> Privileges part is a bit annoying. But if the envisioned user
>> is unprivilged, some init script could always stash uuid in a
>> world readable file.
>
> This solution, as any solution which exposes the uuid to the guest,
> will break if/when we support VM forking.
[...]
Is there any scenario other than VM forking that makes the UUID
change?
Can we agree that machines having a UUID is useful? Real machines
have one, for a reason.
VM forking has no non-virtual equivalent, hasn't it? It's just one of
the things that are different in a virtual environment. If your
virtual machine differs in a noticeable ways from real machines, you
can't expect all software to just work. Software broken by the
difference needs to be adapted to the environment. In the case of
forking VMs, you have to teach it to expect and cope with UUID
changes. I don't see why we should break software that wants a UUID
now, by refusing to disclose the UUID we have, rather than possibly
later, when we fork VMs.
> Nevertheless, at this point
> I'd almost prefer adding a version sub hypercall since that gives you
> at least a chance at getting an up to date value.
What's the technical advantage of a version sub hypercall over
xenbus_read()?
> Alternatively, you
> could add some code to the xenstore dev driver to only allow read-only
> access for non-root users.
Does the dev driver enforce root? Isn't that policy in the kernel?
Is it safe to allow unpriveleged read-only access to *all* of xenstore
in domU?
[...]
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- [Xen-devel] [PATCH] /sys/hypervisor/uuid, Markus Armbruster
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid,
Markus Armbruster <=
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Keir Fraser
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Markus Armbruster
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Keir Fraser
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Jeremy Katz
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Keir Fraser
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Jeremy Katz
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Christian Limpach
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Jeremy Katz
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Anthony Liguori
- Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid, Jeremy Katz
|
|
|