Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Re: Access Hypervisor Control from DomU

from [John Smith] [Permanent Link][Original]
To: XEN User - listmembers <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Re: Access Hypervisor Control from DomU
From: John Smith <netman1@xxxxxxx>
Date: Thu, 30 Mar 2006 18:57:03 +0200
Delivery-date: Thu, 30 Mar 2006 16:58:52 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1143727656.2747.63.camel@xxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <442B7013.9070804@xxxxxxxxxxxx> <20060330130838.GE19886@xxxxxxxxxxxxxxx> <1143727656.2747.63.camel@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Debian Thunderbird 1.0.2 (X11/20051002) 
Nils Toedtmann wrote:

Am Donnerstag, den 30.03.2006, 08:08 -0500 schrieb Sean Dague:


On Thu, Mar 30, 2006 at 07:43:47AM +0200, Stephan Seitz wrote:
[...] 
My question, is it possible to investigate this behaviour (and
ideally, xm destroy / create) from one of the live domU's ? I know,
this would be a security issue, but is there _any_ access back to the
dom0 like the xm console from dom0 to domU's ?


For exactly the reasons you stated (security), the answer is no.



I remember reading that the only real difference between a dom0 and a
domU kernel is the priviledge to have access to the hypervisor. Why not
declaring a special domU to a "fallback" dom0? Not in the sense of
having access to hw but control over the hypervisor.

That would help if the original dom0 userland dies, but it's kernel
keeps forwarding/bridging packets and blockdevice-I/O, like Stephan's
dom0 did.

/nils.



Hi,

        if this would be a problem you would have to deal with in the
real world, you would have a identical box on another location and move
the domU's to it and reboot the problem box.

Sincerely,

Jan.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Problem with reboot of domU's, Jan-Petter Kruger
Next by Date:  [Xen-users] Re: Get snmp data from DomU, Stephane Bortzmeyer
Previous by Thread:  Re: [Xen-users] Re: Access Hypervisor Control from DomU, Nils Toedtmann
Next by Thread:  Re: [Xen-users] Re: Access Hypervisor Control from DomU, Stephan Seitz
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy