Xen users - Jul 2005 - Using xen with separated hardware configurations

> We''d like to utilise Xen to hide and enable specific hardware
components
> of a computer system for specified operating systems.
>
> We have, for example, an USB-device and a device on the PCI-bus.
We''d
> like to run two instances of an operating system (two kernels) on a dual
> Xeon cpu-hardware configuration. Each kernel on one such cpu would be
> nice, of course.
Easily done, just specify the CPU in the config file.
> We would like to make the USB-device usable on two instances of an
> operating system,
What kind of device is it?  If it''s a block device or a network device,
this
is already easily doable.  If it''s some other kind of device then the
sharing
semantics are less clear.

Xen 3.0 should have the ability to attach an arbitrary USB device to a domain.  
You won''t be able to share it simultaneously but there would be nothing
to
stop you swapping the device between the domains as required.
> whereas for the device on the PCI-bus we only want to 
> make it accessible for one of the two instances.
You can do this in Xen 2.0 but it''s a little unfriendly at the moment -
I see
you''ve found some information on this.  Note that once you''ve
givien a domain
control of a device,on the PCI bus you do have to trust it (and its 
applications) to be non-malicious.

People are using the PCI bus sharing part of Xen very happily "in the
wild" to
allow their guest domains to function as routers / firewalls, Asterisk PBXes, 
etc.

Cheers,
Mark
> Is this (already) possible with the Xen-technology? If so, how to do
> this (where can I find the documentation for it?). If not, is it
> planned? Or do the Xen developers at this moment feel that this
> shouldn''t ever be in the scope of the project?
>
>
> Thanks
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

Hi there,

We''d like to utilise Xen to hide and enable specific hardware
components
of a computer system for specified operating systems.

We have, for example, an USB-device and a device on the PCI-bus. We''d
like to run two instances of an operating system (two kernels) on a dual
Xeon cpu-hardware configuration. Each kernel on one such cpu would be
nice, of course.

We would like to make the USB-device usable on two instances of an
operating system, whereas for the device on the PCI-bus we only want to
make it accessible for one of the two instances.

Is this (already) possible with the Xen-technology? If so, how to do
this (where can I find the documentation for it?). If not, is it
planned? Or do the Xen developers at this moment feel that this
shouldn''t ever be in the scope of the project?


Thanks


-- 
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

> It''s an USB-stick like device. I''m guessing a
block-device. We don''t
> have the source code of the kernel module and/or software that uses the
> device. We get this from our supplier.
x86 binary kernel modules don''t like running under Xen: they should be 
recompiled.  Can you get your supplier to build against a XenLinux source 
tree for you?  There was talk of improving the compatibility with native 
Linux modules but the response seemed lukewarm.
> > You can do this in Xen 2.0 but it''s a little unfriendly at
the moment
> > - I see you''ve found some information on this.  Note that
once you''ve
> > givien a domain control of a device,on the PCI bus you do have to
> > trust it (and its applications) to be non-malicious.
>
> Of course. I understand.
The way PCI virtualisation is done in Xen 2.0 allows any app in a driver 
domain to fool around with the device''s IO ports.  This is for various
nasty
technical reasons due to the way x86 protects IO ports.  This model works 
well for dedicated "driver domains" but should probably be made to
work
differently for the kind of system partitioning many people are doing.

Future chipsets should include better DMA protection - this''ll enable
us to
trust domains with dedicated PCI cards less than otherwise necessary.

Cheers,
Mark
> > People are using the PCI bus sharing part of Xen very happily "in
the
> > wild" to allow their guest domains to function as routers /
firewalls,
> > Asterisk PBXes,
> > etc.
>
> Sounds promising.
>
> Thanks
_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Tue, 2005-07-12 at 15:55 +0200, Philip Van Hoof wrote:
> We would like to make the USB-device usable on two instances of an
> operating system, whereas for the device on the PCI-bus we only want
> to make it accessible for one of the two instances.

I found some information about this in the mailinglist myself:

physdev_dom0_hide=(xx.yy.z)

Has this feature (already) been documented? Where can I find more
information about it? What other features and utilities might help me
getting the concept to work with Xen?



-- 
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users

On Tue, 2005-07-12 at 13:49 +0100, Mark Williamson wrote:
> What kind of device is it?  If it''s a block device or a network
> device, this is already easily doable.  If it''s some other kind of
> device then the sharing semantics are less clear.
It''s an USB-stick like device. I''m guessing a block-device. We
don''t
have the source code of the kernel module and/or software that uses the
device. We get this from our supplier.
> Xen 3.0 should have the ability to attach an arbitrary USB device to a
> domain. You won''t be able to share it simultaneously but there
would
> be nothing to stop you swapping the device between the domains as
> required.
Ok.
> > whereas for the device on the PCI-bus we only want to 
> > make it accessible for one of the two instances.
> You can do this in Xen 2.0 but it''s a little unfriendly at the
moment
> - I see you''ve found some information on this.  Note that once
you''ve
> givien a domain control of a device,on the PCI bus you do have to
> trust it (and its applications) to be non-malicious.
Of course. I understand.
> People are using the PCI bus sharing part of Xen very happily "in the
> wild" to allow their guest domains to function as routers / firewalls,
> Asterisk PBXes, 
> etc.
Sounds promising. 

Thanks


-- 
Philip Van Hoof, Software Developer @ Cronos
home: me at pvanhoof dot be
gnome: pvanhoof at gnome dot org
work: philip dot vanhoof at cronos dot be
junk: philip dot vanhoof at gmail dot com
http://www.pvanhoof.be/


_______________________________________________
Xen-users mailing list
Xen-users@lists.xensource.com
http://lists.xensource.com/xen-users