On 2025-06-11 09:27, Jan Beulich wrote:
On 11.06.2025 00:57, Jason Andryuk wrote:
Allow the hwdom to access the console, and to access physical
information about the system.
xenconsoled can read Xen's dmesg. If it's in hwdom, then that
permission would be required.
Why would xenconsoled run in the hardware domain? It's purely a software
construct, isn't it? As a daemon, putting it in the control domain may
make sense. Otherwise it probably ought to go in a service domain.
My approach has been to transform dom0 into the hardware domain and add
a new control domain. xenconsoled was left running in the hardware domain.
I suppose it could move. Maybe that would be fine? I haven't tried.
The Hyperlaunch code populates the console grants to point at the
hardware domain, and I just followed that.
One aspect of why I left most things running in the Hardware domain was
to not run things in the Control domain. If Control is the highest
privileged entity, we'd rather run software in lower privileged places.
Especially something like xenconsoled which is receiving data from the
domUs.
Running in a service domain is a good suggestion, but we haven't made it
that far.
Regards,
Jason
