[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] Xen architecture

> So, the two questions are:
> (1)  Can a GuestOS ever bypass the Xen boundaries?  

We can't guarantee there aren't bugs in Xen, but that's certainly
the design goal.  Maintaining isolation between guests is
paramount. The trick is doing it with good performance. That's
what makes Xen fun to work on ;-)

> (2)  How big (in lines of code) is the subsystem in Xen that enforces this?

The hard/clever part is memory protection. That's mostly
implemented in common/memory.c which is 1100 lines. The whole of
Xen is 20 times that, but there's a lot of hardware
initialisation code etc that isn't "guest facing". 


SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.