[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Anti-virus for use in para-virtualized Xen

  • To: xen-users@xxxxxxxxxxxxxxxxxxx
  • From: "Mark Greenbank" <mark.greenbank@xxxxxxxxx>
  • Date: Wed, 4 Apr 2007 12:41:40 -0400
  • Delivery-date: Wed, 04 Apr 2007 09:40:40 -0700
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=UcEi3B7zp3N1ZuKG/5hIwbMZV3X33I6e604WrIl/dGsHYJ1Vdif2KT08aanTZxCcgYrtFZvIo3IiqZ91d81wAk9KnLHBNzMqsJOgXUEzA/DsN0MgO/vDr8wgD9O3zoqT1nzSlsgqbh/TYEDFeXfCaohkR0KEpR3T3V/TWGn9jvg=
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

On 4/4/07, Petersson, Mats <Mats.Petersson@xxxxxxx> wrote:

> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
> [mailto: xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of
> Nico Kadel-Garcia
> Sent: 04 April 2007 16:42
> To: xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: [Xen-users] Anti-virus for use in para-virtualized Xen
> I've been looking at anti-virus software for Xen use on Linux
> systems,
> on both Dom0 and DomU, in industrial environments. Reviewing
> documentation on various packages seems to show that all the
> commercial
> ones insist on sticking kernel modules into a limited set of standard
> known kernels. This of course creates some serious risks until the
> anti-virus packages are developed in and tested in Xen environments,
> especially for para-virtualized environments.

I presume the reason they have a standard set of kernels is that they
"meddle" with the kernel and don't supply source-code, which means that
a Xenified kernel doesn't match the expected kernel layout, and thus
can't use the module? [And it's understandable from some aspects that
the AV guys don't really want the V-guys to see the source-code...]

This is a serious limitation with the way the kernel is architected -- a defined kernel interface (e.g., DDI/DKI for both function calls and structures) and loadable modules/drivers are not encouraged, which means that there is a proliferation of customized kernels out there. This really limits the utility of the Linux kernel in a production envronment. I myself am stuck at Core 5 for my (production) laptop since I'm worried that upgrading to the latest+greatest disto will break my VMWare installation and various other components that depend on interfacing with the kernel. I'd love to move to Core 6 but I don't have enough pain to live with having to hack the VMWare modules. With Core 7 around the corner, I suspect that my motivation to hack will increase :)


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.