This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


RE: [Xen-users] Custom kernel

To: "'Stephen Yum'" <steveyum@xxxxxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Custom kernel
From: "Steffen Heil" <lists@xxxxxxxxxxxxxxx>
Date: Sun, 3 Sep 2006 13:54:57 +0200
Delivery-date: Sun, 03 Sep 2006 04:55:04 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <6212B178-9913-4D3F-8EA2-EB9ABC92B516@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcbPJkDUoPHWcSnWRzK8oT6rBWdRBAAKHa5Q

> I wouldn't care very much about a few unnecessary load. A fat 
> kernel, give or take a 100k doesn't mean jack.

Agreed, although 1M might make a difference...

> Maybe I'm totally off the wall here, but my dom0 has direct, 
> low level access to hardware - namely the NICs and storage 
> devices (SATA, SCSI, etc.) and the abstraction layers above 
> that (RAID, LVM, etc).  

Yes, your domain 0 has low level access to hardware - because it is loaded
in a way by the hypervisor, which allows that. But that's a decision of the
hypervisor, not of the way the kernel is built.

> Just imagine if the guests had access to the LVM layer. If 
> one of the guests get rooted, they can wipe out the 
> filesystems of other guests, and the host too.

That would be awful, BUT it will neven happen. Even if the running kernel
has such functions built in, it will never be allowed by the hypervisor to
access these devices...

> Your Xen box may be in a different environment than mine. My 
> box is being used for semi-production environment and is 
> connected to a public network. Every domain (about 20 in 
> all), except dom0, is visible from the outside via one port 
> or another through a firewall that is done by one of the guests.

Yes, I am in a different environment. My box is fully in production every
domain has 1-2 public ips, is fully reachable over the internet and is
running software I cannot even controll by customers of mine. They can even
replace the kernel they use on their own. I leave that decition to them. It
would be hazardous if that would give them a way to get control...

> They all work well. But if I were to use a privileged kernel 
> for any of these guests, I don't think I'd be able to sleep at night.

Me too, but the privileges come from the hypervisor, not from the


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Xen-users mailing list
<Prev in Thread] Current Thread [Next in Thread>