[Gllug] Letting Bochs, UML or vmware have direct access to a PCI card or a SCSI device (not disk).
Nix
nix at esperi.org.uk
Fri Sep 16 15:28:13 UTC 2005
On Fri, 16 Sep 2005, Russell Howe stipulated:
> On Fri, Sep 16, 2005 at 09:55:25AM +0100, Nix wrote:
>> That depends on whether the VM is executing non-privileged code. A VM
>> executing non-privileged code shouldn't allow that code to send
>> arbitrary SCSI commands.
>
> Isn't the entire VM classed as 'unprivileged code' by whatever
> container it's running in (e.g. the host kernel in the case of UML, or
> domain 0 in the case of Xen)?

That depends what the VM is for. You can run UMLs as root.

(Also, there's a tiny virtual machine in the kernel for interpreting
ACPI. That's as privileged as can be, with opcodes to do bus I/O.)

> At least, I'd say that's the case if the VM system is emulating a
> complete virtual machine.. with UML, I'd say the virtualisation boundary
> lies at the syscall level within the UML instance.

Yes. (In practice the distinction is hard to see.)
--
`One cannot, after all, be expected to read every single word
of a book whose author one wishes to insult.' --- Richard Dawkins
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug