Re: [Xen-devel] sidecar (hvm shim) creation script
Draft README. My git branch is here:

    xenbits.xen.org:/home/iwj/ext/xen.git#wip.sidecar

(This contains the converter script too. The git history is not very useful and the files are in the wrong place, but I needed somewhere to do my work.)

Ian.

PV-in-HVM shim with "sidecar" ISO
=================================

Summary
-------

This README describes a mitigation strategy for Meltdown. The basic principle is to run PV guests (which can read all of host memory due to the hardware bugs) as HVM guests (which cannot, at least not due to Meltdown). The PV environment is still provided to the guest by an embedded copy of Xen, the "shim".

Properties of this approach
---------------------------

This strategy has the following inherent properties:

 * It is readily deployable
 * No hypervisor reboot is required
 * Guest reboots are required
 * Guest configs must be fed through a converter program
 * The converter program spits out a small guest-specific .iso image (we call this a "sidecar") used for booting
 * Because the result is an HVM guest, this approach involves running qemu as a PC emulator (this is done automatically)

The embedded copy of Xen we recommend using with this strategy implies the following properties:

 * This shim has been subjected to intensive testing by Amazon
 * Therefore we think it is very stable
 * We believe it is compatible back to Xen 3.4
 * Unfortunately, various Xen features are not supported, notably: migration, dynamic guest memory adjustment ("ballooning"), vcpu hotplug.

The current implementation of the converter program implies:

 * "bootloader=" in config files - notably, "pygrub" - is not currently supported.
 * pvgrub (pvgrub1, pvgrub2) is, however, supported.
 * direct kernel boot is supported
 * xl domain configurations are supported.
 * xm domain configurations have not been tested but may work.
 * libvirt's domain configuration arrangements are not supported.

Alternative approaches
----------------------

 * PVH

   Users who are using Xen 4.10 (or can upgrade) should use PVH for guests which support it. (PVH aka "PVHv2" requires guest kernel support.) We intend to backport PVH support to Xen 4.8.

 * PV-in-PVH

   We have a work-in-progress which runs PV guests with a shim, as above, but where the shim runs as a PVH rather than PV guest. This will be available for Xen 4.10 in the first instance, but is not available today.

What you will need
------------------

 * Your host must be able to run grub-mkrescue to generate a .iso
 * You will therefore need xorriso and mtools
 * You must be using xl and able to use an alternative guest config
 * You will need the script "pvshim-converter"
 * You will need the xen.git branch XXXX TBD

Instructions
------------

1. On a suitable system (perhaps a different host)

     git clone XXXXX TBD
     git checkout XXXXX TBD
     XXXX runes to configure and build only the shim

   This will build a file dist/install/usr/local/lib/xen/boot/XXX-SOMETHING

2. Copy that file to your dom0.

3. Copy the script pvshim-converter to your dom0 and make it executable:

     chmod +x pvshim-converter

4. For each guest

   (i) if the guest is currently booted with pygrub you must first switch to direct kernel boot, by manually copying the kernel and initramfs out of the guest, and configuring the command line in the domain configuration file.

   (ii) run

         ./pvshim-converter /etc/xen/GUEST.cfg /etc/xen/GUEST.with-shim-cfg

   (iii) shut the guest down cleanly

   (iv) create the guest with the new config

         xl create /etc/xen/GUEST.with-shim-cfg

   (v) Check that it boots properly. xl console should work.

   (vi) Make arrangements so that autostarting of the guest will use the new config file rather than the old one

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
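A pre-flight check for step 4 of the instructions above, added here as an example and not the pvshim-converter script from Ian's branch: it parses an xl domain config and reports the conditions the README lists as unsupported (a bootloader= line such as pygrub, ballooning via maxmem, vcpu hotplug via maxvcpus) and whether the host tools grub-mkrescue relies on are installed. The key names checked are standard xl config keys; the sample config is constructed.

```python
# Pre-flight check for converting an xl PV guest config to the PV-in-HVM shim.
# Illustrative example, not the pvshim-converter script: it flags what the
# README says the shim/converter cannot handle and checks host tools.
import ast
import re
import shutil

_KV = re.compile(r"^\s*([A-Za-z_]\w*)\s*=\s*(.+?)\s*$")


def parse_xl_config(text):
    """Parse 'key = value' lines into a dict; xl values are Python literals."""
    cfg = {}
    for line in text.splitlines():
        m = _KV.match(line)
        if not m or line.lstrip().startswith("#"):
            continue
        key, raw = m.groups()
        try:
            cfg[key] = ast.literal_eval(raw)   # "str", int, [ 'list' ]
        except (ValueError, SyntaxError):
            cfg[key] = raw                     # keep unparsed text as-is
    return cfg


def check_convertible(cfg):
    """Return the blocking problems for shim conversion (empty list = OK)."""
    problems = []
    if "bootloader" in cfg:        # e.g. pygrub: not supported by the converter
        problems.append("bootloader=%r not supported; switch to direct kernel "
                        "boot (kernel=, ramdisk=, extra=) first" % cfg["bootloader"])
    elif "kernel" not in cfg:
        problems.append("no kernel= line: direct kernel boot is required")
    if cfg.get("builder") == "hvm" or cfg.get("type") == "hvm":
        problems.append("guest is already HVM; nothing to convert")
    if cfg.get("maxmem", cfg.get("memory")) != cfg.get("memory"):
        problems.append("maxmem != memory: the shim does not support ballooning")
    if cfg.get("maxvcpus", cfg.get("vcpus")) != cfg.get("vcpus"):
        problems.append("maxvcpus != vcpus: the shim does not support vcpu hotplug")
    return problems


def missing_host_tools(which=shutil.which):
    """Tools grub-mkrescue needs (xorriso; mformat from mtools) not on PATH."""
    return [t for t in ("grub-mkrescue", "xorriso", "mformat") if which(t) is None]


# Constructed sample (a pygrub guest), expected to be rejected.
SAMPLE_PYGRUB = 'name = "guest1"\nbootloader = "pygrub"\nmemory = 512\nvcpus = 2\n'
```

Run check_convertible(parse_xl_config(open("/etc/xen/GUEST.cfg").read())) on each guest before converting it; an empty list plus an empty missing_host_tools() means the converter's preconditions are met.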