On 06.03.2025 23:03, Jason Andryuk wrote: > This is useful for a combined hardware/xenstore domain that will run > init-dom0less and xenstored. init-dom0less calls xc_hvm_param_get() to > retrieve the xenstore event channel and pfn to configure xenstore for a > guest. With a hypervisor-allocated event channel and page, the > set_hvm_param is not needed, and the normal domid permissions will allow > xenstored to connect. > > Similarly, a hyperlaunch-ed xenstore stubdom needs to read a domain's > xenstore event channel out of hvm_param. > > This allows reading but not modifying the guest, so allow the permission. > > Signed-off-by: Jason Andryuk <jason.andr...@amd.com>
Since this is exposing the entire param space to Xenstore, what I'm missing is a security discussion for existing as well as potential future params. There could well be some that better wouldn't be available for Xenstrore to fetch. Jan
