* Truly Autonomous Migration
@ 2004-11-12 0:03 Jacob Gorm Hansen
2004-11-15 18:35 ` Tim Freeman
0 siblings, 1 reply; 3+ messages in thread
From: Jacob Gorm Hansen @ 2004-11-12 0:03 UTC (permalink / raw)
To: Xen-devel; +Cc: eric, eske
hi,
I just had my first success at self-migrating a domain across two hosts,
with absolutely no involvement from Xen or Domain0. On the sending side
I have a self-migrating XenLinux 2.4, migrated by a small userspace
process inside it, which reads a checkpoint from /dev/checkpoint and
writes it to a TCP socket.
On the receiving side I have a small (the kernel binary is 25952 bytes)
TCP stack and server in an unprivileged domain. It receives the
checkpoint, fixes up the pagetables, and jumps to the incoming data,
which resumes there and has now been live-migrated to the new host.
Apart from the coolness-factor of being able to checkpoint and migrate
oneself without outside involvement (as well as some performance
benefits of not having to run with shadow page tables, though it has
been a while since I made any direct comparisons against Ian's stuff),
this to me seems to be good news for security. If a machine can run
without any privileged code facing the network, the attack surface and
thus risk of compromise is greatly reduced.
I will make binaries available tomorrow, if anyone is interested in
playing with this? (Guess not, but at least I am having fun with this ;-))
Best,
Jacob
-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Truly Autonomous Migration
2004-11-12 0:03 Truly Autonomous Migration Jacob Gorm Hansen
@ 2004-11-15 18:35 ` Tim Freeman
2004-11-16 13:12 ` Jacob Gorm Hansen
0 siblings, 1 reply; 3+ messages in thread
From: Tim Freeman @ 2004-11-15 18:35 UTC (permalink / raw)
To: Jacob Gorm Hansen; +Cc: Xen-devel, eric, eske
On Fri, 12 Nov 2004 01:03:06 +0100
Jacob Gorm Hansen <jacob@melon.dk> wrote:
> hi,
>
> I just had my first success at self-migrating a domain across two hosts,
> with absolutely no involvement from Xen or Domain0. On the sending side
> I have a self-migrating XenLinux 2.4, migrated by a small userspace
> process inside it, which reads a checkpoint from /dev/checkpoint and
> writes it to a TCP socket.
>
> On the receiving side I have a small (the kernel binary is 25952 bytes)
> TCP stack and server in an unprivileged domain. It receives the
> checkpoint, fixes up the pagetables, and jumps to the incoming data,
> which resumes there and has now been live-migrated to the new host.
>
> Apart from the coolness-factor of being able to checkpoint and migrate
> oneself without outside involvement (as well as some performance
> benefits of not having to run with shadow page tables, though it has
> been a while since I made any direct comparisons against Ian's stuff),
> this to me seems to be good news for security. If a machine can run
> without any privileged code facing the network, the attack surface and
> thus risk of compromise is greatly reduced.
>
> I will make binaries available tomorrow, if anyone is interested in
> playing with this? (Guess not, but at least I am having fun with this ;-))
Just to let you know: I am interested! Keep up the cool work :-)
Tim
>
> Best,
> Jacob
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by:
> Sybase ASE Linux Express Edition - download now for FREE
> LinuxWorld Reader's Choice Award Winner for best database on Linux.
> http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/xen-devel
>
-------------------------------------------------------
This SF.Net email is sponsored by: InterSystems CACHE
FREE OODBMS DOWNLOAD - A multidimensional database that combines
robust object and relational technologies, making it a perfect match
for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Truly Autonomous Migration
2004-11-15 18:35 ` Tim Freeman
@ 2004-11-16 13:12 ` Jacob Gorm Hansen
0 siblings, 0 replies; 3+ messages in thread
From: Jacob Gorm Hansen @ 2004-11-16 13:12 UTC (permalink / raw)
To: Tim Freeman; +Cc: Xen-devel
Tim Freeman wrote:
>
> Just to let you know: I am interested! Keep up the cool work :-)
>
> Tim
That is good to hear, in the meantime I have made sources and binaries
available on http://www.diku.dk/~jacobg/self-migration/
best regards,
Jacob
-------------------------------------------------------
This SF.Net email is sponsored by: InterSystems CACHE
FREE OODBMS DOWNLOAD - A multidimensional database that combines
robust object and relational technologies, making it a perfect match
for Java, C++,COM, XML, ODBC and JDBC. www.intersystems.com/match8
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-11-16 13:12 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-12 0:03 Truly Autonomous Migration Jacob Gorm Hansen
2004-11-15 18:35 ` Tim Freeman
2004-11-16 13:12 ` Jacob Gorm Hansen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.