Mailing List Archive: Using xen with separated hardware configurations

Using xen with separated hardware configurations

Jul 12, 2005, 6:55 AM

Post #1 of 5 (701 views)

Hi there,

We'd like to utilise Xen to hide and enable specific hardware components
of a computer system for specified operating systems.

We have, for example, an USB-device and a device on the PCI-bus. We'd
like to run two instances of an operating system (two kernels) on a dual
Xeon cpu-hardware configuration. Each kernel on one such cpu would be
nice, of course.

We would like to make the USB-device usable on two instances of an
operating system, whereas for the device on the PCI-bus we only want to
make it accessible for one of the two instances.

Is this (already) possible with the Xen-technology? If so, how to do
this (where can I find the documentation for it?). If not, is it
planned? Or do the Xen developers at this moment feel that this
shouldn't ever be in the scope of the project?

Thanks

--
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Re: Using xen with separated hardware configurations [ In reply to ]

mark.williamson at cl

Jul 12, 2005, 5:49 AM

Post #2 of 5 (689 views)

Permalink

> We'd like to utilise Xen to hide and enable specific hardware components
> of a computer system for specified operating systems.
>
> We have, for example, an USB-device and a device on the PCI-bus. We'd
> like to run two instances of an operating system (two kernels) on a dual
> Xeon cpu-hardware configuration. Each kernel on one such cpu would be
> nice, of course.

Easily done, just specify the CPU in the config file.

> We would like to make the USB-device usable on two instances of an
> operating system,

What kind of device is it? If it's a block device or a network device, this
is already easily doable. If it's some other kind of device then the sharing
semantics are less clear.

Xen 3.0 should have the ability to attach an arbitrary USB device to a domain.
You won't be able to share it simultaneously but there would be nothing to
stop you swapping the device between the domains as required.

> whereas for the device on the PCI-bus we only want to
> make it accessible for one of the two instances.

You can do this in Xen 2.0 but it's a little unfriendly at the moment - I see
you've found some information on this. Note that once you've givien a domain
control of a device,on the PCI bus you do have to trust it (and its
applications) to be non-malicious.

People are using the PCI bus sharing part of Xen very happily "in the wild" to
allow their guest domains to function as routers / firewalls, Asterisk PBXes,
etc.

Cheers,
Mark

> Is this (already) possible with the Xen-technology? If so, how to do
> this (where can I find the documentation for it?). If not, is it
> planned? Or do the Xen developers at this moment feel that this
> shouldn't ever be in the scope of the project?
>
>
> Thanks

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Re: Using xen with separated hardware configurations [ In reply to ]

mark.williamson at cl

Jul 12, 2005, 7:01 AM

Post #3 of 5 (692 views)

Permalink

> It's an USB-stick like device. I'm guessing a block-device. We don't
> have the source code of the kernel module and/or software that uses the
> device. We get this from our supplier.

x86 binary kernel modules don't like running under Xen: they should be
recompiled. Can you get your supplier to build against a XenLinux source
tree for you? There was talk of improving the compatibility with native
Linux modules but the response seemed lukewarm.

> > You can do this in Xen 2.0 but it's a little unfriendly at the moment
> > - I see you've found some information on this. Note that once you've
> > givien a domain control of a device,on the PCI bus you do have to
> > trust it (and its applications) to be non-malicious.
>
> Of course. I understand.

The way PCI virtualisation is done in Xen 2.0 allows any app in a driver
domain to fool around with the device's IO ports. This is for various nasty
technical reasons due to the way x86 protects IO ports. This model works
well for dedicated "driver domains" but should probably be made to work
differently for the kind of system partitioning many people are doing.

Future chipsets should include better DMA protection - this'll enable us to
trust domains with dedicated PCI cards less than otherwise necessary.

Cheers,
Mark

> > People are using the PCI bus sharing part of Xen very happily "in the
> > wild" to allow their guest domains to function as routers / firewalls,
> > Asterisk PBXes,
> > etc.
>
> Sounds promising.
>
> Thanks

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Re: Using xen with separated hardware configurations [ In reply to ]

spam at pvanhoof

Jul 12, 2005, 7:03 AM

Post #4 of 5 (688 views)

Permalink

On Tue, 2005-07-12 at 15:55 +0200, Philip Van Hoof wrote:

> We would like to make the USB-device usable on two instances of an
> operating system, whereas for the device on the PCI-bus we only want
> to make it accessible for one of the two instances.

I found some information about this in the mailinglist myself:

physdev_dom0_hide=(xx.yy.z)

Has this feature (already) been documented? Where can I find more
information about it? What other features and utilities might help me
getting the concept to work with Xen?

--
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Re: Using xen with separated hardware configurations [ In reply to ]

spam at pvanhoof

Jul 12, 2005, 7:43 AM

Post #5 of 5 (690 views)

Permalink

On Tue, 2005-07-12 at 13:49 +0100, Mark Williamson wrote:

> What kind of device is it? If it's a block device or a network
> device, this is already easily doable. If it's some other kind of
> device then the sharing semantics are less clear.

It's an USB-stick like device. I'm guessing a block-device. We don't
have the source code of the kernel module and/or software that uses the
device. We get this from our supplier.

> Xen 3.0 should have the ability to attach an arbitrary USB device to a
> domain. You won't be able to share it simultaneously but there would
> be nothing to stop you swapping the device between the domains as
> required.

Ok.

> > whereas for the device on the PCI-bus we only want to
> > make it accessible for one of the two instances.

> You can do this in Xen 2.0 but it's a little unfriendly at the moment
> - I see you've found some information on this. Note that once you've
> givien a domain control of a device,on the PCI bus you do have to
> trust it (and its applications) to be non-malicious.

Of course. I understand.

> People are using the PCI bus sharing part of Xen very happily "in the
> wild" to allow their guest domains to function as routers / firewalls,
> Asterisk PBXes,
> etc.

Sounds promising.

Thanks

--
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/

_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users