WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] Re: Users can provide their own kernels?

from [Michael Paesold] [Permanent Link][Original]
To: "Mark Williamson" <mark.williamson@xxxxxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Re: Users can provide their own kernels?
From: "Michael Paesold" <mpaesold@xxxxxx>
Date: Thu, 16 Jun 2005 11:03:46 +0200
Cc: Andrew Thompson <andrewkt@xxxxxxxxxxx>
Delivery-date: Thu, 16 Jun 2005 09:02:59 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <36967cc905061503081361da34@xxxxxxxxxxxxxx><200506151435.39378.mark.williamson@xxxxxxxxxxxx><42B03D4E.3060005@xxxxxxxxxxx> <200506151546.14870.mark.williamson@xxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
Mark Williamson wrote:
In Xen, the guest kernel has no part in enforcing interdomain security - Xen 
does that.  Simply by running a kernel in a domU, it is unprivileged.
Kernels running in a domU never have any special privileges unless you
explicitly grant them from dom0.  This is unlike UML / vservers, where a
compromise of the VM's kernel can allow a user to "escape".

The only reason we provide a separate xenU kernel is because it's a bit
smaller than the xen0 kernel. The guest bootloader takes advantage of this 
support to allow users to compile their own guest kernels and select them
themselves.

So it's safe, don't worry ;-)


What about guest kernels not built with ARCH=xen? Would they just crash?

Best Regards,
Michael Paesold 

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] Boot up, Shahzad Chohan
Next by Date:  Re: [Xen-users] Re: Users can provide their own kernels?, Mark Williamson
Previous by Thread:  Re: [Xen-users] Re: Users can provide their own kernels?, Mark Williamson
Next by Thread:  Re: [Xen-users] Re: Users can provide their own kernels?, Mark Williamson
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy