Subject: Re: some questions
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: port-xen
Date: 01/05/2006 20:35:43

On Thu, Jan 05, 2006 at 12:18:59PM -0500, Thor Lancelot Simon wrote:
> >
> > Yes, that's what it's for. You'll have to build custom kernels with
> > PCI support for the domUs.
> 
> It's very important to understand that if you allow any "unprivileged"
> domain to access a device that does DMA, the domain is no longer
> unprivileged in any meaningful way.

The situation is not that bad: the dom0 controls which kernel is loaded
in the domU, and also controls the console. If you can start the kernel
at securelevel 1 and prevent it from going back to 0 when downgrading
to single-user, it should be safe (but I'm not sure a NetBSD system can boot
properly if the kernel starts at securelevel 1).

-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 years of experience will always make the difference
--