WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] DomU with modules?

from [Andrew Ross] [Permanent Link][Original]
To: Adam Seering <aseering@xxxxxxxxx>
Subject: Re: [Xen-users] DomU with modules?
From: Andrew Ross <aross@xxxxxxxxxx>
Date: Sat, 26 Aug 2006 15:05:15 +1000
Cc: Sven Köhler <skoehler@xxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 25 Aug 2006 22:06:06 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <DC93B284-624C-4062-A91E-BDC570DCB22B@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Openpgp: id=D0A1507C
Organization: Gentoo
References: <eccdmf$7q2$1@xxxxxxxxxxxxx> <DC93B284-624C-4062-A91E-BDC570DCB22B@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.5 (Macintosh/20060719) 
Adam Seering wrote:

>> 1. do you always compile seperate kernels for Dom0 and DomU? What's the
>> advantage?
> 
> In theory, domU kernels don't need many drivers at all, since they
> generally don't have physical hardware access.  If you compile the
> kernels separately, your domU kernels can be quite small, which
> theoretically gives you a performance advantage.  I don't know if
> there's another advantage to the split compiling.

A smaller domU kernel means less exploitable code, which is
theoretically a plus for security.

However, if you're worried about that sort of thing you should really be
focusing on having SELinux, RSBAC or PaX/GrSecurity in your domUs and dom0.

>> 3. Is there some way to access files of Dom0 within the DomUs? Is there
>> some other way then NFS to do this?

> A while ago, I read about an attempt to make a Xen-optimized filesystem
> to do exactly what you want.

That would be XenFS (http://wiki.xensource.com/xenwiki/XenFS), for
anyone who's interested.

Cheers

Andrew

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] /lib/tls.disabled or xen-friendly glibc?, Andrew Ross
Next by Date:  Congratulations, felicialanza
Previous by Thread:  Re: [Xen-users] DomU with modules?, Adam Seering
Next by Thread:  [Xen-users] Problems: xen with 4 processors!, Rodrigo Lord
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy