From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: xen-devel@lists.xen.org
Subject: Domain Builder
Date: Tue, 04 Mar 2014 18:32:36 -0500 [thread overview]
Message-ID: <53166294.5090308@tycho.nsa.gov> (raw)
In-Reply-To: <1393973494-29411-1-git-send-email-dgdegra@tycho.nsa.gov>
[-- Attachment #1: Type: text/plain, Size: 2791 bytes --]
A domain builder suitable for creating a disaggregated Xen system is
attached. Using this domain builder requires the patch series that
this email is in reply to, and requires that the hypervisor be built
with XSM enabled (with the XSM policy loaded from the bootloader).
The executable passed to Xen from GRUB is called db-boot. It takes a
CPIO archive containing specification files (with extension .cfg.db)
and their dependencies (kernels and initrds). The specification
files are built using compile-db-spec.
Example contents of the ramdisk:
control - control domain kernel (in tarball)
control.cpio - configuration for control domain
control.cfg.db - spec file for control domain
xenstore - mini-os version of the C xenstore
xenstore.cfg.db - spec file for Xenstore
vtpmmgr - mini-os TPM manager
vtpmmgr.cfg.db - spec file for TPM Manager
vmlinuz - Kernel for both Linux domains
initramfs.img - Common initrd for Linux domains
hardware.cfg.db - spec file for hardware domain
toolstack.cfg.db - spec file for toolstack domain
control.cfg:
vcpus=1
memory=4
kernel="control"
ramdisk="control.cpio"
extra="SVP xenstore=2 hs=3 drivers=3 tpm=4 self=1 schema=platform.ctl"
domid=1
access_control="system_u:system_r:control_t"
xenstore.cfg:
vcpus=1
memory=20
kernel="xenstore"
extra="--priv-domid 5 --internal-db"
domid=2
access_control="system_u:system_r:xenstore_t"
hardware.cfg:
memory=2000
vcpus=1
domid=3
dom_flags=['INITDOMAIN']
access_control="system_u:system_r:hardware_t"
kernel="vmlinuz"
ramdisk="initramfs.img"
extra="ro root=/dev/lvm_foo/hardware_root console=hvc0 earlyprintk=xen"
iomem=['enable 0(0xfed40)', 'enable 0xfed45(0xff012bb)']
ioports=[
# This is derived from "xl debug-key q" output for dom0
'enable 0(0x20)',
'enable 0x22(0x1e)',
'enable 0x44(0x1c)',
'enable 0x68(0x38)',
'enable 0xA2(0x356)',
'enable 0x400(8)',
'enable 0x40C(0x8EC)',
'enable 0xD00(0xF300)',
]
vtpmmgr.cfg:
vcpus=1
memory=5
kernel="boot/vtpmmgr"
extra="tpmlocality=2"
domid=4
access_control="system_u:system_r:vtpm_mgr_t"
iomem=['enable 0xfed42(1)']
toolstack.cfg:
memory=2000
vcpus=1
domid=5
access_control="system_u:system_r:toolstack_t"
kernel="vmlinuz"
ramdisk="initramfs.img"
extra="ro root=/dev/lvm_foo/toolstack_root console=hvc0 earlyprintk=xen"
control.cpio:
platform.ctl - compiled with compile-control-schema from svp.schema
svp.schema should be an empty file. Its contents describe additional
domains to build from disk, but this support requires using the domain
builder server which was removed due to its dependency on IVC which is
not available in upstream Xen.
[-- Attachment #2: domain_builder.tgz --]
[-- Type: application/x-compressed-tar, Size: 365921 bytes --]
[-- Attachment #3: Type: text/plain, Size: 126 bytes --]
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
prev parent reply other threads:[~2014-03-04 23:32 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-04 22:51 [PATCH 0/6] xen: Hardware domain support Daniel De Graaf
2014-03-04 22:51 ` [PATCH 1/6] xen: use domid check in is_hardware_domain Daniel De Graaf
2014-03-05 3:44 ` Julien Grall
2014-03-05 9:23 ` Jan Beulich
2014-03-05 15:25 ` Daniel De Graaf
2014-03-05 15:45 ` Jan Beulich
2014-03-05 21:23 ` Daniel De Graaf
2014-03-11 13:10 ` Ian Campbell
2014-03-04 22:51 ` [PATCH 2/6] xen/iommu: Move dom0 setup code out of __init Daniel De Graaf
2014-03-05 9:56 ` Jan Beulich
2014-03-05 22:25 ` Daniel De Graaf
2014-03-06 9:53 ` Jan Beulich
2014-03-04 22:51 ` [PATCH 3/6] xen: prevent 0 from being used as a dynamic domid Daniel De Graaf
2014-03-04 22:51 ` [PATCH 4/6] xen: Allow hardare domain != dom0 Daniel De Graaf
2014-03-05 3:50 ` Julien Grall
2014-03-05 23:04 ` Daniel De Graaf
2014-03-05 10:04 ` Jan Beulich
2014-03-05 23:04 ` Daniel De Graaf
2014-03-06 9:54 ` Jan Beulich
2014-03-04 22:51 ` [PATCH 5/6] tools/libxl: Allow dom0 to be destroyed Daniel De Graaf
2014-03-05 10:07 ` Jan Beulich
2014-03-05 12:02 ` Ian Jackson
2014-03-05 22:36 ` Daniel De Graaf
2014-03-10 16:45 ` Ian Jackson
2014-03-12 14:27 ` Daniel De Graaf
2014-03-13 17:17 ` Ian Jackson
2014-03-13 17:41 ` Daniel De Graaf
2014-03-14 14:32 ` Ian Jackson
2014-03-04 22:51 ` [PATCH 6/6] xenstored: add --master-domid to support domain builder Daniel De Graaf
2014-03-10 12:14 ` Ian Jackson
2014-03-04 23:32 ` Daniel De Graaf [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53166294.5090308@tycho.nsa.gov \
--to=dgdegra@tycho.nsa.gov \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.