Xen devel - Jul 2004 - Getting X to work on XEN unstable / xenolinux 2.4.26

Hello,

I have recently messaged about not being able to use my marvell yukon 
ethernet card with XEN 1.2. I have switched to XEN unstable / xenolinux 
2.4.26 and now my ethernet card works fine. Many thanks to Dr Ian Pratt 
and Dr Keir Fraser for their quick response.

I am now trying to get X to work. My video card is ATI Radeon 9200. To get 
it to work properly even under regular linux I had to install a property 
FGLRX driver from ATI. When I try to ''startx'' from xenolinux
2.4.26
domain0 I get the following error.

========================================Fatal server error:
Caught signal 11.  Server aborting
========================================
That segmentation fault is probably because the FGLRX driver does not work 
under XEN.

Next, I try to ''startx'' again but this time with a basic 
/etc/X11/XF86Config file.
This is a basic XF86Config file that tries to use a generic VESA driver. 
This is the driver I used to load under regular linux before I installed 
the property FGLRX driver from ATI and for most purposes it works fine on 
regular linux.

I get the following error under xenolinux 2.4.26.  

===========================================================================(EE)
VESA(0): unknown type(0xffffffff)=0xff
(II) VESA(0): EAX=0x00004f00, EBX=0x00000000, ECX=0x00000000, 
EDX=0x00000000
(II) VESA(0): ESP=0x00000ffa, EBP=0x00000000, ESI=0x00000000, 
EDI=0x00002000
(II) VESA(0): CS=0xc000, SS=0x0100, DS=0x0040, ES=0x0000, FS=0x0000, 
GS=0x0000
(II) VESA(0): EIP=0x00001cf4, EFLAGS=0x00003200
(II) VESA(0): code at 0x000c1cf4:
 fb fc 80 fc a0 0f 84 a5 f4 80 fc 4f 0f 84 e0 2e
 2e ff 36 9e 11 1e 06 66 60 50 0f b6 c4 d1 e0 3d
(II) stack at 0x00001ffa:
 00 06 00 00 00 32
(II) VESA(0): VESA BIOS not detected
(II) UnloadModule: "vesa"
(II) UnloadModule: "int10"
(II) Unloading /usr/X11R6/lib/modules/linux/libint10.a
(II) UnloadModule: "vbe"
(II) Unloading /usr/X11R6/lib/modules/libvbe.a
(EE) Screen(s) found, but none have a usable configuration.

Fatal server error:
no screens found
===========================================================================
Is there any way to get FGLRX driver to work under Xen or if not to get 
the generic VESA driver to work so that I can have an X session.

Thanks
Richard. 



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

> Next, I try to ''startx'' again but this time with a basic 
> /etc/X11/XF86Config file.
> This is a basic XF86Config file that tries to use a generic VESA driver. 
> This is the driver I used to load under regular linux before I installed 
> the property FGLRX driver from ATI and for most purposes it works fine on 
> regular linux.
Presumably the source for the FGLRX kernel module isn''t
available? If not, it''ll be a struggle to get it going.

As I recall, the VESA driver tries to make calls back to the
bios, which Xen doesn''t support right now (but I suppose in
principle might be able to -- I forget how they work).

Can you not just use the standard XFree86 ''radeon'' driver? It
claims to support the 9200.

Ian





-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

> 
> > Next, I try to ''startx'' again but this time with a
basic
> > /etc/X11/XF86Config file.
> > This is a basic XF86Config file that tries to use a generic VESA
driver.
> > This is the driver I used to load under regular linux before I
installed
> > the property FGLRX driver from ATI and for most purposes it works fine
on
> > regular linux.
> 
> Presumably the source for the FGLRX kernel module isn''t
> available? If not, it''ll be a struggle to get it going.
> 
> As I recall, the VESA driver tries to make calls back to the
> bios, which Xen doesn''t support right now (but I suppose in
> principle might be able to -- I forget how they work).
Possible problems include the fact that we don''t map the bottom 1MB of
physical memory 1:1, even in DOM0. Also we don''t support vm86 mode,
and some vesa drivers rely on it.
> Can you not just use the standard XFree86 ''radeon''
driver? It
> claims to support the 9200.
If you''re using an older version of X (e.g., <=4.3.0)
you''ll need to
fake your device''s id by adding e.g.,
    ChipId 0x4242
to a radeon-configured ''Section "Device"'' in your
XF86Config.

Apart from that, you ought to be able to use the open-source radeon
driver with no problems --- the 9200 is backward compatible.

 -- Keir


-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

Hi, the CD rom HOWTO seems to be pretty outdated, so I ask some practical 
questions here: (Thanks for the superb support on this mailinglist!)

Because of the sysops at work are hacking on the ip-setup these days I 
have some problems giving IP addresses to my domains. I need to know how 
to ssh or scp to my domains so I can finally benchmark Xen. I guess this 
is pretty intuitive, but the unstable docs are no exisitng :) (I can 
write a howto after this project for you for setting up Xen on Debian 
Sarge if you want - the least I can do after all this support, If you 
wish)

So the first question is: How to I figure out the local ip address for a 
domain so i can SSH it?

After running some domains I got a failure on fcdsk on bootup. How does 
Xen use ONE partitions to give each domain HD space? After shutting down 
the guest OS, where is the data copied into this domain stored and how can 
you actually find this data again? Do you recommend to have one partition 
for each domain? At least it seems like I have something wrong in the 
configs for HD setup.

Again, thank you!

Rune J.A




-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

> 
> Hi, the CD rom HOWTO seems to be pretty outdated, so I ask some practical 
> questions here: (Thanks for the superb support on this mailinglist!)
> 
> Because of the sysops at work are hacking on the ip-setup these days I 
> have some problems giving IP addresses to my domains. I need to know how 
> to ssh or scp to my domains so I can finally benchmark Xen. I guess this 
> is pretty intuitive, but the unstable docs are no exisitng :) (I can 
> write a howto after this project for you for setting up Xen on Debian 
> Sarge if you want - the least I can do after all this support, If you 
> wish)
> 
> So the first question is: How to I figure out the local ip address for a 
> domain so i can SSH it?
I think I understand: you''re using DHCP, and the server is
assigning domains random addresses.

Just connect to the domain via it''s console. The easiest way to
do this is just to put ''-c'' on the ''xm
create'' command line.

Alternatively, use ''xm consoles'' to list all the available
consoles, then connect to the listed port e.g.

 xencons localhost 9601
 
> After running some domains I got a failure on fcdsk on bootup. How does 
> Xen use ONE partitions to give each domain HD space? After shutting down 
> the guest OS, where is the data copied into this domain stored and how can 
> you actually find this data again? Do you recommend to have one partition 
> for each domain? At least it seems like I have something wrong in the 
> configs for HD setup.
You could give each domain it''s own physical
partition. Alternatively, use LVM to dynamically chop the
partition up into volumes, each of which you can assign to a
domain e.g. 
  disk = [ ''phy:/dev/vg01/vm%d,sda1,w'' % (vmid) ]

Alternatively, put a file system on the partition and export
files to domains using the loopback device (losetup). This
enables you to use sparse files, allocating disk space on demand.

Make sure you remember to put a filesystem and populate whatever
you decide to use as the domain''s block device!


Best,
Ian



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

> Alternatively, put a file system on the partition and export
> files to domains using the loopback device (losetup). This
> enables you to use sparse files, allocating disk space on demand.
Here''s an example of how to do this:

# e.g. create a 2GB sparse file (actually only consumes 1KB of disk)
dd if=/dev/zero of=vm1disk bs=1k seek=2048k count=1

# choose a free loop back device, and attach file
losetup /dev/loop0 vm1disk

# make a file system on the loop back device
mkfs -t ext3 /dev/loop0

# populate the file system e.g. by copying from the current root
mount /dev/loop0 /mnt
cp -ax / /mnt
# tailor file system e.g. by editing /etc/fstab /etc/hostname etc.
# make sure you unmount !!!
umount /dev/loop0


You can then export the loop device to a domain using e.g.:

disk = [ ''phy:loop0,sda1,w'' ]

As you write to the ''disk'', the sparse file will become filled
in
and consume more space (up to the original 2GB).

One feature we''re planning to add to xend is to have it track
which loop devices are currently free and have it do the
allocation. You''d then be able to assign a file as a VD using:
 [ ''loop:vm1disk,sda1,w'' ] 


Ian


-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

Thank you! Which approach do you consider the most secure in order to 
protect a user’s file system from another. In other words, which 
solution is most resistant against hacking? How is Xen designed to 
maintain the security between different users?

Rune


On Jul 17, 2004, at 10:52 PM, Ian Pratt wrote:
>
>> Alternatively, put a file system on the partition and export
>> files to domains using the loopback device (losetup). This
>> enables you to use sparse files, allocating disk space on demand.
>
> Here''s an example of how to do this:
>
> # e.g. create a 2GB sparse file (actually only consumes 1KB of disk)
> dd if=/dev/zero of=vm1disk bs=1k seek=2048k count=1
>
> # choose a free loop back device, and attach file
> losetup /dev/loop0 vm1disk
>
> # make a file system on the loop back device
> mkfs -t ext3 /dev/loop0
>
> # populate the file system e.g. by copying from the current root
> mount /dev/loop0 /mnt
> cp -ax / /mnt
> # tailor file system e.g. by editing /etc/fstab /etc/hostname etc.
> # make sure you unmount !!!
> umount /dev/loop0
>
>
> You can then export the loop device to a domain using e.g.:
>
> disk = [ ''phy:loop0,sda1,w'' ]
>
> As you write to the ''disk'', the sparse file will become
filled in
> and consume more space (up to the original 2GB).
>
> One feature we''re planning to add to xend is to have it track
> which loop devices are currently free and have it do the
> allocation. You''d then be able to assign a file as a VD using:
>  [ ''loop:vm1disk,sda1,w'' ]
>
>
> Ian

> Thank you! Which approach do you consider the most secure in order to
protect
> a user’s file system from another. In other words, which solution is most
> resistant against hacking? How is Xen designed to maintain the security
> between different users? 
The "backend" block driver in dom0 does checks to see if a domain is
allowed
to access a given part of a block device.  These checks are the same no matter 
whether you use a loopback device, ordinary partition, LVM or some other block 
device: they''re all equally secure.  There are no known ways for a
domain to
circumvent this.  Use whichever kind of storage suits your needs best.

It should never be possible for a domain to circumvent these checks unless the 
domain is privileged (i.e. for driver domains or admin purposes, this is NOT 
the usual case).

The only disk sharing between domains is explicit: i.e. if you give them both 
rights to access the same areas of disk in their config files.  This is not 
usually a good idea, unless it''s read only for both of them.

HTH,
Mark 



-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_idG21&alloc_id040&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel