RE: [Xen-ia64-devel] Time for hybrid virtualization?
> I am worried with Sal/Pal. How do you prevent dom0 from making host
> PAL calls?
We have handled this before in a private project.
Xen can know the pal_entry and sal_entry from the system_table,
There are two methods to intercept them.
1. change the pal_entry and sal_entry of system_table to faked entry
2. patch pal_entry and sal_entry code to jump to a faked code sequence.
Method 2 is more secure, because native FW may store pal_entry and
sal_entry at other place.
Method 1 deponds on pal_entry and sal_entry code, we at least need to
find a good place to put one slot "break 0xxxx"
to intercept pal/sal call.
>>> * Building a dom0 vti means porting backend, balloon and all other
>>> drivers to Vti.
>> Dom0 Vti just mean that cpu virtulaization is using VT-i( privileged
>> intruction emulation). All other should be same.
>> We may need to modify backend, ballon and other drivers a little.
> If we really want to reduce kernel maintenance, it would be great to
> able to run an unmodified kernel. But I am maybe going too far!
We can do it step by step deponding on performance and requirement.
The first step is to use VT to intercept priviledge instruction, this
may reduce half of xenlinux patch.
Then we try to modify linux as little as possible.
Xen-ia64-devel mailing list