|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] another question about kernel...
> in a post named "[Xen-users] Openswan and Xen DomainU" I see a strange > thing: a kernel for dom0 used as domU. > How can it works? why? what differences are bretween dom0/domU kernels? In addition to the core Linux code, the xen0 kernel includes all the code for talking to Xen, the code for Xen virtual devices, plus drivers for real hardware devices, plus code to manage and support other domains. The xenU kernel includes just the core Linux code, code for talking to Xen and code for Xen virtual devices. It doesn't include the other stuff, so it's smaller. Apart from the size, there's no functional difference, though: if you boot a xen0 kernel in a domU, the following happens: * it probes for real hardware and finds it doesn't have access to any, so those device drivers don't start * it probe for its privilege level and finds it's not allowed to manage other domains, so it doesn't start the various privileged interfaces that dom0 runs Essentially, it behaves as a domU kernel would. Xen enforces these restrictions so that *even if* it tried to start these drivers and privileged interfaces, it would not be able to. You can actually let a user run *any* kernel they want in a domain without security implications to the rest of the machine (unlike UML, for instance). Cheers, Mark > > regards > > Luca > > _______________________________________________ > Xen-users mailing list > Xen-users@xxxxxxxxxxxxxxxxxxx > http://lists.xensource.com/xen-users _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |