http://archive.fosdem.org/2008/schedule/events/embedded_xen_arm11
Schedule: Xen for Secure Isolation on ARM11
Xen for Secure Isolation on ARM11
- Our primary goal for porting Xen to the ARM architecture is to
provide secure isolation between two or more Xen guest domains on
mobile devices utilizing ARM11 based processors. To achieve this
primary goal, we intend to leverage the ongoing Xen Security Modules
(XSM) FLux Advanced Security Kernel (FLASK) work as part of our Xen
based ARM Secure Isolation strategy.
- As a secondary goal, we intend to implement our Xen ARM port in
a
manner which will facilitate rapid porting to new ARM processors and/or
machines. This secondary goal will be achieved via inclusion of the
excellent ARM multi-processor/multi-machine support implementation
present in the current Linux-2.6 kernel into our Xen ARM port.
- Our tertiary goal is to incorporate ARM Linux kernel
initialisation parameter support into Xen to set up the initial Xen ARM
machine environment thus facilitating use of Xen on existing ARM
targets without requiring target bootloader customisations. As of this
writing, we have completed the initial bring up of the Xen ARM idle
domain on a QEMU Versatile/PB ARM926EJ-S based target but have not yet
completed bring up of the Xen mini-OS and/or Linux guest domains. It is
anticipated that we will have substantially completed our Xen ARM
porting efforts in time to present a fully functional Xen ARM port at
the LCA Virtualisation Miniconf.
This presentation will provide:
- An architectural overview of the MontaVista Xen ARM port
- Background details of the MontaVista Xen ARM porting efforts to
date
- Current status of the MontaVista Xen ARM port
- Live demonstration of Xen on an ARM11 based target
- Next steps for the Xen ARM port
|
