WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

[Xen-users] Re: Users can provide their own kernels?

Mark Williamson wrote:
Using the kexec approach, there'd be a bootloader kernel in dom0 that initially runs in the domain, mounts the FS and finds the appropriate files. Kexec is then used to jump into execution of a kernel from the guest filesystem. Thus the bootloader runs in the domU *and* the guest kernel is in the domU filesystem.
The second approach is a bit more complicated to implement (from a developer 
PoV) but does have the advantages that all access to the guest filesystem 
occurs in an unprivileged domain and that it can immediately support all 
filesystems Linux will support.  *however* this will arguably be most 
important to people who are a) paranoid about security (highly untrusted 
guests) or b) use really weird filesystems ;-)
This is very disconcerting to someone who was looking at renting out 
domU space on a Xen machine.
Will there be options to prevent a domU that booted a dom0 kernel from 
accessing xend? I'd hate for an abusive user to balloon all the other 
domUs to 16MB RAM and balloon themselves to 1GB RAM, play with 
scheduling parameters, or randomly kill off other domUs.
If this is controlled by ip/mac or other magic, please let me know and 
we'll just forget I asked...
--
Andrew Thompson
http://aktzero.com/

Attachment: andrewkt.vcf
Description: Vcard

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users