[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] RE: Building domains as a lesser user (was Re: [Xen-devel]bootloaders for domain != 0)

  • To: "Jeremy Katz" <katzj@xxxxxxxxxx>
  • From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
  • Date: Fri, 4 Feb 2005 13:44:43 -0000
  • Cc: <xen-devel@xxxxxxxxxxxxxxxxxxxxx>
  • Delivery-date: Fri, 04 Feb 2005 13:46:16 +0000
  • List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
  • Thread-index: AcUKvGKuK9sH7JMISjSE6lMjf2qU0wAAj3LA
  • Thread-topic: Building domains as a lesser user (was Re: [Xen-devel]bootloaders for domain != 0)

> > I don't see why the filesystems would particularly need to 
> be modular, though you might do so for convenience. 
> Because if the kernel is _different_ than every other kernel being
> shipped by a distribution, then it's a major pain.  It also ends up
> giving people a lot less flexibility (because if I were to do 
> that, for
> example, it would only have ext[23] support leaving users of
> reiserfs/xfs/jfs/foofs out in the cold whereas with a modular 
> solution,
> they can at least add the support for what they want).

It's no worse than the current situation with GRUB where if vendors want
to use some random file system for /boot they have to add it to grub.

I'd imagine most vendors would want to use the same kernel for the boot
loader that they use when running normally. It'll just be a difference
in the contents of the initrd. 
> > > And then, it's yet another kernel to keep updated, etc.
> > 
> > I don't see any reason to keep it up to date. Its running 
> in a protected
> > environemnt and doesn't have any extra access that the 
> kernel about to
> > be booted is going to get.
> Users don't tend to take that answer very well ;)  The protected
> environment means you can have a little bit longer to fix it, but they
> have things like audit requirements, etc.  And just because 
> it's running
> in a protected environment doesn't mean it's bug-free.  Or that it's
> going to be able to stand still as filesystem features are added, etc.
> This ends up being less of a concern with minimalistic implementations
> for reading filesystems like grub's and libext2fs.

The boot loader kernel would be running with no more privilege than the
kernel being loaded, and doesn't have any user facing interfaces other
than a boot menu (though you might include a network stack for a network
boot you wouldn't run any services). 
Anyhow, there's no reason not to keep it up to date as there's no reason
not to just use whatever you're running on dom0, with a slghtly
different initrd (or different kernel command line option to the
existing initrd)


This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.