On 14.01.26 08:26, Alexandre GRIVEAUX wrote:
Le 13/01/2026 à 07:15, Juergen Gross a écrit :On 12.01.26 23:44, Alexandre GRIVEAUX wrote:Update files exemples PV&PVH for non direct kernel boot with pygrub.Signed-off-by: Alexandre GRIVEAUX <[email protected]> --- tools/examples/xlexample.pvhlinux | 3 +++ tools/examples/xlexample.pvlinux | 3 +++ 2 files changed, 6 insertions(+)diff --git a/tools/examples/xlexample.pvhlinux b/tools/examples/ xlexample.pvhlinuxindex 18305b80af..2bdd43c2c5 100644 --- a/tools/examples/xlexample.pvhlinux +++ b/tools/examples/xlexample.pvhlinux @@ -25,6 +25,9 @@ kernel = "/boot/vmlinuz" # Kernel command line options extra = "root=/dev/xvda1" +# Enable to use a grub2 emulation inside guest instead of direct kernel boot.I don't think this is correct. pygrub is running in dom0, not in the guest. JuergenHello,I doesn't understand your reply, yes pygrub is running on the Dom0, and this goal is to behave like there is a grub2 on the DomU.
Yes. This is why I don't like the wording "inside guest", which is just not true. Please be aware that we are trying to phase out pygrub, as it widens the attack surface of dom0 from a guest. pygrub needs to look into guest controlled file systems, so any bug in the related code (e.g. failure to handle a corrupted or maliciously modified file system) might result in security issues like code injection. So I'm on the edge whether we really should make it easier to use pygrub. Juergen
OpenPGP_0xB0DE9DD628BF132F.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
