From: Jacob Gorm Hansen <jacob@melon.dk>
To: Xen-devel@lists.sourceforge.net
Cc: eric@diku.dk, eske@diku.dk
Subject: Truly Autonomous Migration
Date: Fri, 12 Nov 2004 01:03:06 +0100
Message-ID: <4193FDBA.5070800@melon.dk>

hi,

I just had my first success at self-migrating a domain across two hosts,
with absolutely no involvement from Xen or Domain0. On the sending side
I have a self-migrating XenLinux 2.4, migrated by a small userspace
process inside it, which reads a checkpoint from /dev/checkpoint and
writes it to a TCP socket.

On the receiving side I have a small (the kernel binary is 25952 bytes)
TCP stack and server in an unprivileged domain. It receives the
checkpoint, fixes up the pagetables, and jumps to the incoming data,
which resumes there and has now been live-migrated to the new host.

Apart from the coolness-factor of being able to checkpoint and migrate
oneself without outside involvement (as well as some performance
benefits of not having to run with shadow page tables, though it has
been a while since I made any direct comparisons against Ian's stuff),
this to me seems to be good news for security. If a machine can run
without any privileged code facing the network, the attack surface and
thus risk of compromise is greatly reduced.

I will make binaries available tomorrow, if anyone is interested in
playing with this? (Guess not, but at least I am having fun with this ;-))

Best,
Jacob