On Tue, 2012-07-17 at 11:33 -0400, Konrad Rzeszutek Wilk wrote:
> > The only thing that comes to my mind is PCI passthrough, as it probably
> > could be thought of as something allowing physical memory accesses... Or is
> > the control Xen/qemu provides over it sufficient? (Again, I think the
> > same could apply to KVM, right?).
>
> Right, and also kexec for example. There is code loaded from userspace
> binary into the kernel to deal with a crashed kernel. It's called
> purgatory code.
>
I see.

> What I am not clear on is how far the "chain of trust" needs to go - b/c
> this also would imply module signing - which is right now _not_ in the
> upstream kernel.
>
It sure does, and in fact, module signing figures in the (still drafted)
Fedora's plan: http://mjg59.dreamwidth.org/12368.html ("Signed modules
are obviously troubling from a user perspective. We'll be signing all
the drivers that we ship [...]").

The X server is also mentioned there, so I guess qemu (it opens /dev/mem
as root after all, doesn't it?) could be a candidate too? :-O

Thanks and Regards,
Dario

-- 
<<This happens because I choose it to happen!>> (Raistlin Majere)
-----------------------------------------------------------------
Dario Faggioli, Ph.D, http://retis.sssup.it/people/faggioli
Senior Software Engineer, Citrix Systems R&D Ltd., Cambridge (UK)
--
xen mailing list
xen@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/xen