Subject: Re: some questions
To: None <port-xen@netbsd.org>
From: Pavel Cahyna <pavel.cahyna@st.mff.cuni.cz>
List: port-xen
Date: 01/07/2006 01:14:49
On Fri, Jan 06, 2006 at 09:22:33PM +0100, Manuel Bouyer wrote:
> On Fri, Jan 06, 2006 at 03:07:42PM -0500, Thor Lancelot Simon wrote:
> > In other words, just as I originally said, if you grant an
> > "unprivileged" domain access to a PCI device that does DMA, you no
> > longer have a domain that is actually unprivileged at all -- a bug in
> > its kernel has precisely the same consequences as a bug in the domain
> > 0 kernel; the "privileged/unprivileged" distinction disappears.
>
> Yes, of course, I understand that. However a bug in a domU application
> gives you root in that domU; you then have to find a kernel bug to
> gets to dom0. It's one more step than direct root in domain0.
Why?
if you have root in a domU, you don't need a kernel bug to use DMA, which
opens the door to dom0.
Pavel Cahyna