| To: | "Chris Wright" <chrisw@xxxxxxxxxxxx> |
|---|---|
| Subject: | Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid |
| From: | "Christian Limpach" <christian.limpach@xxxxxxxxx> |
| Date: | 2006年5月19日 10:43:18 +0100 |
| Cc: | Xen devel list <xen-devel@xxxxxxxxxxxxxxxxxxx>, Markus Armbruster <armbru@xxxxxxxxxx>, Christian Limpach <chris@xxxxxxxxxxxxx> |
| Delivery-date: | 2006年5月19日 02:43:40 -0700 |
| Domainkey-signature: | a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=W2j4fFGO327N8KYxAbSlmqlBjp2nle68rEs15CnkJXx8VImK2xUO//NWJbR4zYnvI2yYxJAEcFhl7x+xlXZxjO28m75QGqpEvOusbbZzFk7wYEhg+7AALjUpkJ9Ey9UM+Z3XvnXTok1EiZZlrbx8Zr78fHGUaPeSIOUomhyc8Go= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| In-reply-to: | <20060519074112.GF2724@xxxxxxxxxxxxxxxxx> |
| List-help: | <mailto:xen-devel-request@lists.xensource.com?subject=help> |
| List-id: | Xen developer discussion <xen-devel.lists.xensource.com> |
| List-post: | <mailto:xen-devel@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe> |
| References: | <87y7wzmeqb.fsf@xxxxxxxxxxxxxxxxx> <a74fd46bb61fffb16ab812859d83d8e8@xxxxxxxxxxxx> <20060519074112.GF2724@xxxxxxxxxxxxxxxxx> |
| Reply-to: | Christian.Limpach@xxxxxxxxxxxx |
| Sender: | xen-devel-bounces@xxxxxxxxxxxxxxxxxxx |
On 5/19/06, Chris Wright <chrisw@xxxxxxxxxxxx> wrote:
* Keir Fraser (Keir.Fraser@xxxxxxxxxxxx) wrote: > Christian has a fair point that, if you're just reading it out of > xenstore, you could do that directly from user space. I suppose there > is an argument of necessary privileges to do so however, since you need > to be root to open the xenstore device file. Privileges part is a bit annoying. But if the envisioned user is unprivilged, some init script could always stash uuid in a world readable file.
This solution, as any solution which exposes the uuid to the guest, will break if/when we support VM forking. Nevertheless, at this point I'd almost prefer adding a version sub hypercall since that gives you at least a chance at getting an up to date value. Alternatively, you could add some code to the xenstore dev driver to only allow read-only access for non-root users. Also, the guest domain xenstore interface was never really intended to be used in anger, it was only added to support driver domains getting information about the devices to configure. The immediate issue would be that access to xenstore is through a file in /proc/xen and I'd expect that to change at some point. Might be good to already add the new path to all tools as a fallback option now. Any suggestions for where this would end up in /sys I presume? christian _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-devel] kernel hz rate? , Shaun |
|---|---|
| Next by Date: | [Xen-devel] [patch 4/5] netfront: remove use of typedefs for structures , Chris Wright |
| Previous by Thread: | Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid , Chris Wright |
| Next by Thread: | Re: [Xen-devel] [PATCH] /sys/hypervisor/uuid , John Levon |
| Indexes: | [Date] [Thread] [Top] [All Lists] |