Le 14/01/2026 à 09:41, Jürgen Groß a écrit :
On 14.01.26 09:20, Alexandre GRIVEAUX wrote:
Le 14/01/2026 à 08:43, Jürgen Groß a écrit :
Yes. This is why I don't like the wording "inside guest", which is
just not
true.
Before wasting more time for that side, there is chroot with
bind-mount of DomU FS.
Rephrasing like this should be more than enough:
# Enable to use a grub2 emulation boot instead of direct kernel boot.
Please be aware that we are trying to phase out pygrub, as it widens
the
attack surface of dom0 from a guest. pygrub needs to look into guest
controlled file systems, so any bug in the related code (e.g.
failure to
handle a corrupted or maliciously modified file system) might result in
security issues like code injection.
Effectively, if pygrub is on verge of being phased out, there is not
need for this patch...
:-)
But could you point me to the discussion of alternatives ? As pygrub
allow a more easy management...
Oh, the fun of selecting the grub variant. :-)
There are:
- pygrub as discussed already
- grub-pv (32- and 64-bit) and grub-pvh: official flavors of grub2 for
PV and
PVH guests, selected by specifying them as the kernel to boot,
running in
domU context
- pvgrub (32- and 64-bit): legacy grub 0.97 variants based on Mini-OS
for PV
guests, selected by specifying them as the kernel to boot, running
in domU
context
Should this be noted to the wiki ?
Yes. Documentation should really be enhanced.
No problem to that, I have commit access to the wiki but beside
updating, I need to test it, and check if Debian have packaged grub-pv...
For me the pvgrub should also be noted as being phased out in favor of
grub-pv.
As for me the documentation should be usable by user without advanced
knowledge to read code.
So I'm on the edge whether we really should make it easier to use
pygrub.
Legit, Should patch subject need to be [RFC PATCH] ?
No, I don't think so. Others might have other opinions than me
regarding pygrub.
Juergen
Ok.
Thanks.
