WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Re: Users can provide their own kernels?

Mark Williamson wrote:
In Xen, the guest kernel has no part in enforcing interdomain security - Xen
does that.  Simply by running a kernel in a domU, it is unprivileged.
Kernels running in a domU never have any special privileges unless you
explicitly grant them from dom0.  This is unlike UML / vservers, where a
compromise of the VM's kernel can allow a user to "escape".

The only reason we provide a separate xenU kernel is because it's a bit
smaller than the xen0 kernel. The guest bootloader takes advantage of this
support to allow users to compile their own guest kernels and select them
themselves.

So it's safe, don't worry ;-)

What about guest kernels not built with ARCH=xen? Would they just crash?

Best Regards,
Michael Paesold

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users