Xen devel - Apr 2005 - RE: Problem when doing direct_remap_area_pages() in aprivileged user domain

>   I have come accross a problem when trying to do a
> direct_remap_area_pages() call in a backend driver that is 
> running in a privileged user domain. The call ends up with an 
> error code (-14 = -EFAULT). This in turn is caused by the 
> hypervisor call
> HYPERVISOR_mmu_update() which returns an error code of -22 = 
> -EINVAL after failing in set_foreigndom due to not (!?!) 
> being privileged. The same call returns no error if run in domain-0.
>   However, I found the solution to fix this. I needed to make 
> a fake(*) PCI device available to the privileged user domain 
> by adding a line like pci=[''00,07,00''] to the
configuration
> file, because this would actually set the privileged flag for 
> the domain in 
> xen/common/physdev.c:physdev_pci_access_modify(). I wonder 
> whether the setting of this flag should not be moved to some 
> other place?
Yep, we''ve had to point people at this work around before. Not nice.

I''d really like to see a patch that creates a more fine grained set of
privilege capabilities, and an appropriate config file option to set
them. For completeness, there should be a dom0_op that enables a domain
to irrevocably surrender a capability. 

There''s an argument that certain capabilities should be specific to a
specified target domain or group of domains (we already have a domain
group ID). This may be going to far in the first instance, but its worth
bearing in mind while working up a patch for the former.

Cheers,
Ian  

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel