WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-devel

[Top] [All Lists]

Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor

from [Ian Campbell]

[Permanent Link][Original]

To:	Peter Teoh <htmldeveloper@xxxxxxxxx>
Subject:	Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor
From:	Ian Campbell <Ian.Campbell@xxxxxxxxxxxxx>
Date:	Mon, 03 Sep 2007 07:15:01 +0100
Cc:	xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Sun, 02 Sep 2007 23:15:25 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<804dabb00709021745uad08fe2m7fb8e7acaab9de45@xxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<804dabb00709021745uad08fe2m7fb8e7acaab9de45@xxxxxxxxxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx

On Mon, 2007-09-03 at 08:45 +0800, Peter Teoh wrote:
> In some parts of IA64 I can see that domain==dom0 checking is done,
> but in all of x86 - I have yet to find a proper checking that the
> hypercalls comes from a dom0 domain instead of any other domain. 
> 
> Theoretically, this means that any domain (PV or HVM) can always
> modify its own kernel binary and then make a direct hypercall (via int
> 0x82 or SYSENTER) into the hypervisor, executing domain controller
> commands like create domain etc. 
> 
> Is this possible?

No. The checks you are talking about are done using IS_PRIV() rather
than comparing directly domain==dom0.

e.g. from do_domctl and do_sysctl:
   if ( !IS_PRIV(current->domain) )
        return -EPERM;

In practise only dom0 passes this test.

Cheers,
Ian.



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Peter Teoh Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Ian Campbell <= Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Keir Fraser [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Peter Teoh Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Derek Murray

Previous by Date:	RE: [Xen-devel] [PATCH] 1/2: cpufreq/PowerNow! in Xen: Time and platform changes, Tian, Kevin
Next by Date:	RE: [Xen-devel] Re: free_irq_vector on ia64, Duan, Ronghui
Previous by Thread:	[Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Peter Teoh
Next by Thread:	Re: [Xen-devel] dom0 vs non-dom0 differentiation inside Xen hypervisor, Keir Fraser
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix