[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Xen-users] Minimal Hypervisor Size?

  • To: "Dave Cameron" <dave@xxxxxxxxxxxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "Petersson, Mats" <Mats.Petersson@xxxxxxx>
  • Date: Wed, 16 Aug 2006 11:11:01 +0200
  • Delivery-date: Wed, 16 Aug 2006 02:12:03 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>
  • Thread-index: AcbAvsoS5/qv1XqBRUmILgdbSV6+nAAU1jXw
  • Thread-topic: [Xen-users] Minimal Hypervisor Size?
> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of 
> Dave Cameron
> Sent: 15 August 2006 22:33
> To: xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-users] Minimal Hypervisor Size?
> 
> > What about hardware support, you'd still need some way to emulate
> > hardware or it wouldn't be a whole lot of use. You'd have 
> to rip a whole
> > chunk of code out of Linux or BSD.
> > 
> > On Tue, 2006-08-15 at 16:13 -0500, dfeustel@xxxxxxxxxxxxxx wrote:
> > > How large would a hypervisor be if it were constructed
> > > as the smallest program supporting the virtualization of
> > > unmodified operating systems only (i.e. no linux-specific
> > > features, no para-virtualization)?
> 
> Would not the hardware support need to be OS-independent in order
> to work with the (unspecified) unmodified operating systems?

Xen itself doesn't know anything about hardware - so you _MUST_ have a
Dom0 to support the actual hardware accesses for full virtualization.
Thus, you must also have para-virtualization... Note that this is fully
intentional: Drivers for hardware support is hard work to implement,
which is why using a regular, already exisiting set of drivers in an
existing OS is the smart thing to do. Further to that, it keeps the Xen
hypervisor itself small, and thus more easily managed and maintained,
more secure [since there is generally X bugs per Y lines of code - more
lines -> more bugs, some of which will have security implications] -
also smaller amount of code is possible to code-review for security more
easily than, say, a full Linux that has millions of lines of code. 

Although, in theory, it would be possible to remove reliance on
para-virtual Dom0, and use a fully-virtualized Dom0 that has full access
to hardware. It would still need to have some special functionality to
communicate hardware accesses by other (DomU) guests via Xen to Dom0 -
so there is still a need for a fair amount of the code used by
Para-virtualization to support the DomU to Dom0 communication. 

Much of the code in Xen is to deal with the management of page-tables,
which of course will still be needed for fully-virtualized guests -
although some small amount may be changed if there is no need to support
more than one mode of page-tables - although that's unlikely to make a
HUGE impact on the size of the code... 

N.B. I haven't actually analyzed exactly how much code is in what
portion of Xen - this is just by having worked with Xen for over a year
and implemented some of the SVM (Hardware virtual support) in Xen. 

--
Mats



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.