Domains can't allocate more than you set using the 'xm maxmem' command. By
default AFAIK they can only shrink themselves.
I'm not sure this has been mentioned particularly explicitly alhtough the area
got discussed a while back.
Cheers,
Mark
On Thursday 30 September 2004 20:21, Brian Wolfe wrote:
> Question from a security standpoint...
>
> How exactly does this proc control relate to the memory parameter
> specified when you star tthe domain? Can an unprivileged domain increase
> it's memory footprint to MORE than the originally specified mem_size? Or
> is this just a local control of up to the originally specified mem_size?
>
> If it's arbitrary (not constrained by mem_size) then I'd have to point
> out that some of us do NOT want this control to be allowed to go beyond
> what mem_size originally sets the domain at in unprivileged domains.
> Privileged domains would be exempted from this max limit of course. ;)
>
> If i'm just not paying attention and this was already explained, feel
> free to smack me. :)
>
> On Thu, 2004-09-30 at 08:26, Mark A. Williamson wrote:
> > > For people that still use linux 2.4 (like me) is there a tutorial or
> > > some documentation about the ballon driver ?
> >
> > Documentation, 2.6 support and facilities to control other domain's
> > balloons using xm in domain 0 are cooking and should be ready shortly.
> >
> > In the meantime, do:
> > # echo target_megabytes > /proc/xen/memory_target
> > To set a new memory footprint. There's a Linux kernel param (mem=..., I
> > think) for setting the maximum amount of memory a domain can handle, if
> > larger than it's initial allocation (i.e. if you want to start with x
> > megabytes but grow it later).
> >
> > Trying to grow the domain's memory beyond what it's expecting (the
> > initial allocation or the kernel param if you specified that) will not
> > work.
> >
> > Use:
> > # cat /proc/xen/memory_target
> > To get the current footprint.
> >
> > HTH,
> > Mark
> >
> > > > > I have been wondering why my Domain-0 machine hasn't been using
> > > > > swap!
> > > > >
> > > > > :o) So I should just dump that partition?
> > > >
> > > > If you've configured swap, domain 0 should be using just like any
> > > > normal linux kernel. The balloon driver works in dom0 just like
> > > > any other domain.
> > >
> > > It seems logical, but due to the fact that only a few process are
> > > running ind dom0, swap file don't need to be huge is it ?
> > >
> > > > > I suppose I'll have to be very rigorous when
> > > > > it comes to keeping that domain lean yes? (Especially as I only
> > > > > have 4GB to play with!). Out side of basic OS functionality, are
> > > > > there any Xen or LVM2 related processes I have to account for when
> > > > > setting the amount of RAM I can use for Domain-0?
> > > >
> > > > -xen linux kernels don't have any special processes that take any
> > > > noticeable extra resources.
> > > >
> > > > In domain 0 you'll have to worry about the footprint of xend, but
> > > > it's not that big.
> > >
> > > When starting with xen one or two month ago, i've created a dom0 with
> > > only 32 Mo of ram, and when i launched xend, it was so slow that i
> > > tought i had a problem.
> > > I didn't take time to investigate and didn't remember how much memory
> > > was used and if the system was swaping or not.
> > > I just have done a test now with my current xen putting 32768 Mo on xen
> > > command line (not the kernel line in grub).
> > > And the system booted a bit slower and i suspect that durring the
> > > launch of xend it has done some swap.
> > > free return this just after the boot :
> > > mat@zeus:/$ free
> > > total used free shared buffers
> > > cached Mem: 32768 28572 4196 0 0
> > > 7172 -/+ buffers/cache: 21400 11368
> > > Swap: 506008 312 505696
> > >
> > > Having this process:
> > > 207 ? Ss 0:00 dhclient -e -pf /var/run/dhclient.eth0.pid
> > > -lf /var/
> > > 253 ? Ss 0:00 /sbin/syslogd
> > > 256 ? Ss 0:00 /sbin/klogd
> > > 261 ? Ss 0:00 /usr/sbin/inetd
> > > 268 ? Ss 0:00 /usr/sbin/sshd
> > > 274 ? S 0:00 xfrd
> > > 275 ? S 0:00 python /usr/sbin/xend start
> > > 288 ? Ss 0:00 /usr/sbin/cron
> > > 327 tty1 Ss+ 0:00 /sbin/getty 38400 tty1
> > > 328 tty2 Ss+ 0:00 /sbin/getty 38400 tty2
> > > 329 tty3 Ss+ 0:00 /sbin/getty 38400 tty3
> > > 330 tty4 Ss+ 0:00 /sbin/getty 38400 tty4
> > > 331 tty5 Ss+ 0:00 /sbin/getty 38400 tty5
> > > 332 tty6 Ss+ 0:00 /sbin/getty 38400 tty6
> > > 333 ? Ss 0:00 sshd: mat [priv]
> > > 335 ? R 0:00 sshd: mat@pts/0
> > > 336 pts/0 Ss 0:00 -bash
> > > 344 pts/0 R+ 0:00 ps ax
> > >
> > > i guess i could reduce the number of getty and get rid of dhclient (the
> > > adress of dom0 is a static one ...).
> > >
> > > It was my 2cents thoughts ...
> > > Matthieu
> > >
> > >
> > > -------------------------------------------------------
> > > This SF.net email is sponsored by: IT Product Guide on
> > > ITManagersJournal Use IT products in your business? Tell us what you
> > > think of them. Give us Your Opinions, Get Free ThinkGeek Gift
> > > Certificates! Click to find out more
> > > http://productguide.itmanagersjournal.com/guidepromo.tmpl
> > > _______________________________________________
> > > Xen-devel mailing list
> > > Xen-devel@xxxxxxxxxxxxxxxxxxxxx
> > > https://lists.sourceforge.net/lists/listinfo/xen-devel
> >
> > -------------------------------------------------------
> > This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
> > Use IT products in your business? Tell us what you think of them. Give us
> > Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out
> > more http://productguide.itmanagersjournal.com/guidepromo.tmpl
> > _______________________________________________
> > Xen-devel mailing list
> > Xen-devel@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/xen-devel
-------------------------------------------------------
This SF.net email is sponsored by: IT Product Guide on ITManagersJournal
Use IT products in your business? Tell us what you think of them. Give us
Your Opinions, Get Free ThinkGeek Gift Certificates! Click to find out more
http://productguide.itmanagersjournal.com/guidepromo.tmpl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|