From mboxrd@z Thu Jan  1 00:00:00 1970
From: Yosuke Iwamatsu <y-iwamatsu@ab.jp.nec.com>
Subject: [PATCH] ioemu: Get guest uuid from xenstore
Date: Tue, 20 Jan 2009 11:12:33 +0900
Message-ID: <49753311.8070903@ab.jp.nec.com>
References: <C59A73FE.2114F%keir.fraser@eu.citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <C59A73FE.2114F%keir.fraser@eu.citrix.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Keir Fraser <keir.fraser@eu.citrix.com>, Ian Jackson <Ian.Jackson@eu.citrix.com>
Cc: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

Keir Fraser wrote:
> On 19/01/2009 18:02, "Ian Jackson" <Ian.Jackson@eu.citrix.com> wrote:
> 
>> I don't think this patch is safe.  /local/domain/<domid>/vm is
>> owned by (and thus writeable by) the domain in question.  We need a
>> trustworthy copy of this information.
> 
> Perhaps worth checking with a xenstore-ls -p, or a xenstore-write attempt
> within a domU, but the vm node should be owned by dom0 and read-only by the
> domU. The recent xenstore permissions fixes should ensure that.
> 
> So the patch should be safe and if it's not it's a xend bug that needs
> fixing.

I checked with 'xenstore-ls -p' on my system and could confirm that
the permission of /local/domain/<domid>/vm was set properly
(owned by dom0 and set read-only by domU), apparently since cs 18933.

Thanks,
   Yosuke