Micro Kernel
 » 
l4ka project
 » 
L4Ka

 « Return to Thread: Virtualization future.

RE: Virtualization future.

by Christopher Nelson :: Rate this Message:

Reply to Author | View in Thread

> On Mar 9, 2006, at 7:30 AM, Christopher Nelson wrote:
>
> >>
> >>> As I understand Xen, it must run on linux.  VMWare ESX
> server is a
> >>> microkernel that's very close to the hardware.  It does
> not require
> >>> windows or linux to run on top of.
> >>>
> >> Xen runs on NetBSD, Linux and can run on FreeBSD with
> patches that I
> >> think will be in FreeBSD 6.1.
> >
> >
> > Actually, it's the other way around.  NetBSD, Linux, and
> FreeBSD run
> > on XEN. Xen is a hypervisor, and it runs BELOW the OS.  
> Otherwise the
> > OS's wouldn't be able to be virtualised, would they?  Even on
> > VMX-enabled procs, the OS's have to run on top of Xen, not
> vice-versa.
> >
> > You may be thinking about the dom0 OS, that provides the
> services for
> > other OS's.
> >
>
> Pedant alert! [just kidding, it's worth clarifying :)]
>
> I am, in fact, talking about the fact that Xen "lives inside" (and
> outside) the kernels of NetBSD, Linux and FreeBSD, and that
> these 3 run in ring 0 on Intel CPUs. Any of those three can
> be used to manage guest OSes running in Ring1.

Xen is no more inside the dom0 OS than Linux or Windows is inside your
application, whatever that may be.  They are layers.  Xen provides
services, the next layer up utilizes those services.  Even the
"idealized driver" provision is more like IPC than anything else.  Guest
OS's call Xen services, much like an application calls OS services.

According to Xen docs, no guest OS runs at the same privilege level as
the hypervisor, and thus not even the dom0 guest OS runs in ring 0.  

>
> Of course with VMX extensions I think even ring0 is able to
> be context switched via some assembly routines, which is why
> it's possible to run things like Windows that haven't been
> ported (in a released form) to use the Xen hypercalls as
> several guest OSes  have.

With VMX turned on, the processor now has a ring -1.  Xen executes in
ring -1, and full virtualization (vs. Xen's normal paravirtualization)
is possible.  The processor accurately traps all privileged
instructions, which it does not do otherwise.

-={C}=-

 « Return to Thread: Virtualization future.

Free embeddable forum powered by Nabble Forum Help