Does someone have a stastics of xen source code? Thereotically, Xen can be a trust computing base because it is simpler than standard operating system. But do we have some concrete data to support this claim? Also, Dom0 is pretty much a standard operating system. If it should be considered as TCB, we might have a lot harder time to argue why it is simpler. One way is to argue that services and applications running in Dom0 can be reduced to minimum. But how to count the source code at this point? Thanks, -x _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Xin Zhao wrote:>Does someone have a stastics of xen source code? > >SLOC Directory SLOC-by-Language (Sorted) 30945 arch ansic=28618,asm=2121,sh=206 21382 include ansic=21382 6629 common ansic=6629 3268 drivers ansic=3268 0 top_dir (none) Totals grouped by language (dominant language first): ansic: 59897 (96.26%) asm: 2121 (3.41%) sh: 206 (0.33%) generated using David A. Wheeler''s ''SLOCCount'' Regards, Anthony Liguori _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Many thanks! Your information is very helpful! :) -x On Fri, 1 Apr 2005, Anthony Liguori wrote:> Xin Zhao wrote: > > >Does someone have a stastics of xen source code? > > > > > SLOC Directory SLOC-by-Language (Sorted) > 30945 arch ansic=28618,asm=2121,sh=206 > 21382 include ansic=21382 > 6629 common ansic=6629 > 3268 drivers ansic=3268 > 0 top_dir (none) > > > Totals grouped by language (dominant language first): > ansic: 59897 (96.26%) > asm: 2121 (3.41%) > sh: 206 (0.33%) > > generated using David A. Wheeler''s ''SLOCCount'' > > Regards, > Anthony Liguori >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
You are right, at the moment both Xen and Dom0 are part of the TCB, but there are a few activities going on here. There is some effort in reducing the size of xen by moving some of the platform init code out of Xen. This should significantly reduce the source code size of xen as we can get rid of most of the ACPI and PCI related code. This is primarily a portability related issue, essentially being able to leverage better standard linux platform init code, but also has the side effect of making Xen simpler. Within a security context we are also actively looking at reducing the TCB, basically deconstructing Dom0. Fine grained MAC at it''s current operation is part of the picture as is delegating some of it''s functionality to other domains, in particular the IO functions it currently performs on behalf of other domains, but also things like domain building. The issue of reducing the TCB will probably play a major part in a meeting prior to the xen summit next week. We plan to report back to the list. Rolf> -----Original Message----- > From: xen-devel-bounces@lists.xensource.com [mailto:xen-devel- > bounces@lists.xensource.com] On Behalf Of Xin Zhao > Sent: 01 April 2005 20:58 > To: xen-devel@lists.xensource.com > Subject: [Xen-devel] How many lines of Xen source code > > Does someone have a stastics of xen source code? > > Thereotically, Xen can be a trust computing base because it is simpler > than standard operating > system. But do we have some concrete data to support this claim? > > Also, Dom0 is pretty much a standard operating system. If it should be > considered as TCB, we might have a lot harder time to argue why it is > simpler. One way is to argue that services and applications running in > Dom0 can be reduced to minimum. But how to count the source code atthis> point? > > Thanks, > -x > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Neugebauer, Rolf wrote:> Within a security context we are also actively looking at reducing the > TCB, basically deconstructing Dom0. Fine grained MAC at it''s current > operation is part of the picture as is delegating some of it''s > functionality to other domains, in particular the IO functions it > currently performs on behalf of other domains, but also things like > domain building. > > The issue of reducing the TCB will probably play a major part in a > meeting prior to the xen summit next week. We plan to report back to the > list.If any Xen people are going to USENIX NSDI in Boston in May, perhaps it would be a good idea to arrange a Xen BOF session there? Jacob _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel