port-xen: Re: some questions

Subject: Re: some questions
To: Manuel Bouyer <bouyer@antioche.eu.org>
From: Pavel Cahyna <pcah8322@artax.karlin.mff.cuni.cz>
List: port-xen
Date: 01/07/2006 12:41:52

On Sat, Jan 07, 2006 at 12:20:56PM +0100, Manuel Bouyer wrote:
> On Sat, Jan 07, 2006 at 12:16:14PM +0100, Pavel Cahyna wrote:
> > On Sat, Jan 07, 2006 at 11:54:55AM +0100, Manuel Bouyer wrote:
> > > int
> > > i386_iopl(l, args, retval)
> > > {
> > > [...]
> > > 	if (securelevel > 1)
> > > 		return EPERM;
> > > 
> > > Of course what I said relies on the kernel starting at securelevel 1, which
> > > I said in a previous mail.
> > 
> > How does it help, if there is "securelevel > 1" and not 
> > "securelevel >= 1" ?
> 
> Hum right. So let say we patch the kernel :)

And that we don't forget to patch i386_set_ioperm() too :)

> > Also, how do you start the kernel at securelevel 1?
> 
> gdb --write /usr/pkg/etc/xen/kernels/netbsd-XENU
> set securelevel=1
> quit

How would you fsck / then?

Pavel Cahyna