[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v2] libxl: Reset toolstack_save file position in libxl

Jason Andryuk writes ("Re: [PATCH v2] libxl: Reset toolstack_save file position 
in libxl"):
> On 5/21/2014 12:02 PM, Ian Jackson wrote:
> > But I'm curious as to what kind of wrapper you have devised, and for
> > what purpose.  Do you mean a wrapper program for libxl-save-helper ?
> > Which presumably interposes a pipe for the toolstack data fd ?
> Using XSM Flask and Domain Builder [1], the hypervisor can protect
> domU memory from control domains.  The wrapper spawns a migrator
> domain to run libxl-save-helper.  This migrator domain has the XSM
> permission to access the domU memory and encrypts the data stream to
> continue protecting the domU.

How exciting.  Well, excellent.  Thanks for the explanation.

> Yes, it's an atypical setup.  The patch doesn't change co-located
> libxl/libxl-save-helper, but it does allow the possibility described
> above.

Right.  I'll apply the patch.  But I don't think this merits a


Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.