[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.

To: Tim Deegan <tim@xxxxxxx>, "Tian, Kevin" <kevin.tian@xxxxxxxxx>
From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
Date: Thu, 18 Dec 2014 17:01:28 +0000
Cc: "Yu, Zhang" <yu.c.zhang@xxxxxxxxxxxxxxx>, "Paul.Durrant@xxxxxxxxxx" <Paul.Durrant@xxxxxxxxxx>, "keir@xxxxxxx" <keir@xxxxxxx>, "JBeulich@xxxxxxxx" <JBeulich@xxxxxxxx>, "Xen-devel@xxxxxxxxxxxxx" <Xen-devel@xxxxxxxxxxxxx>
Delivery-date: Thu, 18 Dec 2014 17:22:32 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On 18/12/14 16:08, Tim Deegan wrote:
>> yep. Just curious, I thought stubdomain is not popularly used. typical
>> > case is to have qemu in dom0. is this still true? :-)
> Some do and some don't. :)  High-security distros like Qubes and
> XenClient do.  You can enable it in xl config files pretty easily.
> IIRC the xapi toolstack doesn't use it, but XenServer uses privilege
> separation to isolate the qemu processes in dom0.
>

We are looking into stubdomains as part of future architectural roadmap,
but as identified, there is a lot of toolstack plumbing required before
this be feasible to put into XenServer.

Our privilege separate in qemu is a stopgap measure which we would like
to replace in due course.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

References:
- [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Yu, Zhang
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tim Deegan
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tian, Kevin
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tim Deegan
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tian, Kevin
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tim Deegan
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tian, Kevin
- Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
  - From: Tim Deegan

Prev by Date: Re: [Xen-devel] [PATCH v16 02/23] x86/VPMU: Don't globally disable VPMU if initialization fails.
Next by Date: Re: [Xen-devel] [OSSTEST PATCH 2/2] Testing cpupools: recipe for it and job definition
Previous by thread: Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
Next by thread: Re: [Xen-devel] One question about the hypercall to translate gfn to mfn.
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.