On 14.06.2025 00:51, Stefano Stabellini wrote: > On Wed, 11 Jun 2025, Jason Andryuk wrote: >> On 2025-06-11 09:27, Jan Beulich wrote: >>> On 11.06.2025 00:57, Jason Andryuk wrote: >>>> Allow the hwdom to access the console, and to access physical >>>> information about the system. >>>> >>>> xenconsoled can read Xen's dmesg. If it's in hwdom, then that >>>> permission would be required. >>> >>> Why would xenconsoled run in the hardware domain? It's purely a software >>> construct, isn't it? As a daemon, putting it in the control domain may >>> make sense. Otherwise it probably ought to go in a service domain. >> >> My approach has been to transform dom0 into the hardware domain and add a new >> control domain. xenconsoled was left running in the hardware domain. > > I think we should keep xenconsoled in the hardware domain because the > control domain should be just optional. (However, one could say that with > Denis' recent changes xenconsoled is also optional because one can use > console hypercalls or emulators (PL011, NS16550) for all DomUs.) > > > >> I suppose it could move. Maybe that would be fine? I haven't tried. The >> Hyperlaunch code populates the console grants to point at the hardware >> domain, >> and I just followed that. >> >> One aspect of why I left most things running in the Hardware domain was to >> not >> run things in the Control domain. If Control is the highest privileged >> entity, we'd rather run software in lower privileged places. Especially >> something like xenconsoled which is receiving data from the domUs. > > Yes, I agree with Jason. It is a bad idea to run xenconsoled in the > Control Domain because the Control Domain is meant to be safe from > interference. We want to keep the number of potential vehicles for > interference down to a minimum and shared memory between Control Domain > and DomUs is certainly a vehicle for interference.
As much as it is when xenconsoled runs in the hardware domain? Especially if the hardware domain is also running e.g. PV backends or qemu instances? Jan
