From mboxrd@z Thu Jan  1 00:00:00 1970
From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Subject: Re: [PATCH, RFC] Add sysctl to HVM hypercall table
Date: Wed, 08 Sep 2010 17:15:11 -0400
Message-ID: <4C87FCDF.5080504@tycho.nsa.gov>
References: <C8AD47EB.12673%keir.fraser@eu.citrix.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
In-Reply-To: <C8AD47EB.12673%keir.fraser@eu.citrix.com>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Keir Fraser <keir.fraser@eu.citrix.com>
Cc: xen-devel <xen-devel@lists.xensource.com>
List-Id: xen-devel@lists.xenproject.org

On 09/08/2010 05:02 PM, Keir Fraser wrote:
> On 08/09/2010 09:00, "Daniel De Graaf" <dgdegra@tycho.nsa.gov> wrote:
> 
>>>> The sysctl hypercall should be callable from HVM guests.
>>>
>>> Why?
>>>
>>>  K.
>>
>> I would like to be able to call xc_domain_getinfolist from an HVM driver
>> domain. This uses the XEN_SYSCTL_getdomaininfolist sysctl.
> 
> You realise that as it stands the domain needs to be as privileged as dom0
> to successfully execute the sysctl hypercall?
> 
>  -- Keir
> 

Yes, the domain will need to be privileged. XSM hooks exist to reduce 
the privileges granted to the guest, so it does not need to be equal to
dom0. Since PV domains can already make this hypercall, there's no
reason not to allow HVM domains to do the same.

-- 

Daniel De Graaf
National Security Agency