Virtual Linux Systems using User Mode Linux

1
Virtual Linux Systems using User Mode Linux
  • Linux Bangalore 2003
  • Ganesh S
  • (ganesh.subramaniam_at_wipro.com)
  • Wipro Technologies

2
Introduction to User Mode Linux
  • User Mode Linux (uml) is a Linux kernel that
    executes in the user space of a Linux host
    machine!
  • The uml kernel is created by applying the user mode
    linux patch to the standard Linux kernel source
    and building the kernel
  • The uml kernel can be assigned virtual resources,
    including a root filesystem and swap space
  • Running a number of umls on a host is like
    partitioning a machine into a number of smaller
    ones.

3
Why use User Mode Linux
  • Several users of a system need the ability to edit
    system files, start new daemons, install new
    applications, etc. Solution: run as many
    instances of uml as there are users
  • Avoid the security and privacy problems inherent
    in giving out the root password or even sudo
    access on the host system. Solution: each user
    gets a uml root filesystem and has root access
    to it
  • uml allows one to start many instances of linux
    kernel on a system
  • Each new kernel gets its own root filesystem. In
    this way, each uml instance is a complete virtual
    machine

4
More reasons to use uml
  • Users inside umls cannot see what tasks are
    running on other umls or what root filesystems
    are used by other umls
  • Allows a single shared root filesystem to be kept
    for many uml instances
  • Hardware is emulated: block devices are files in
    the host file system, serial devices are ptys,
    network devices are TUN/TAP
  • Run buggy software, experiment with new Linux
    kernels or distributions, and poke around the
    internals of Linux, all without risking the main
    Linux setup.
  • Set breakpoints in the Linux startup and understand
    the Linux bootup sequence

5
User Mode Linux - Tracing Thread mode
  • Each uml process is a separate process on the
    host
  • Two approaches: Tracing thread mode and Separate
    kernel address space (Skas) mode
  • In Tracing Thread mode:
      • No native host kernel support
      • The uml kernel is present in each uml process
      • A special tracing thread does syscall tracing and
        delivers the syscall to the uml kernel
      • Insecure: data structures in the uml kernel are
        read-write
      • Uml uses signals to force control to the uml
        kernel during a syscall or interrupts:
        performance issues
      • More performance issues: 12 processes are
        created per uml.

6
User Mode Linux - Skas Mode
  • In Skas mode:
      • Native host support for the uml kernel is added by
        applying the Skas3 patch to the linux kernel
      • The uml kernel runs in a separate address space in
        the host kernel
      • A new address space is created by opening /proc/mm
        and writing to the returned fd
      • Skas4 patch to provide a syscall to create a separate
        address space and another syscall to execute any
        arbitrary syscall in the context of the new
        address space.
      • Performance improvements: only 4 processes per
        UML compared to 12 in the tracing thread mode
      • Uml automatically detects Skas mode support
        in the host and, if it is not supported, changes to
        tracing thread mode.
      • 4 threads: uml kernel thread, uml user space
        thread, ubd thread and SIGIO emulation thread

7
Access Host Resources
  • Host File Access: access host system files from
    inside the uml in one of the following ways:
      • nfs mount directories from the host
      • Copy files into the uml virtual machine using rcp
      • Use hostfs to mount a host directory into the uml
  • Serial consoles:
      • The uml console can be directed to appear on an unused
        host console
      • Two virtual machines can communicate via serial
        consoles with one of them attached to a pty and
        the other to the corresponding tty
  • Network:
      • Attach uml eth0 to a host tun/tap interface
      • Using TUN/TAP allows a uml instance to exchange
        packets with the host

8
Umls sharing File systems
  • Share file systems between two or more virtual
    machines (umls) using copy-on-write (cow)
    capability
  • COW writes are stored in a private file (cow
    file); reads happen from the shared filesystem
  • COW saves disk space when many umls are running
    on a system.
  • COW provides improved performance since the shared
    filesystem can reside in the host cache
  • Utilities are available to create and manage COW files
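
A simplified model of the copy-on-write sharing described on this slide, added here as an illustration and not taken from the presentation or from UML's code. The 512-byte block size, the in-memory overlay and the names `CowDevice` and `demo` are assumptions; this is not UML's on-disk COW file format.

```python
# Added illustration (not UML's code or on-disk COW format): a shared,
# read-only backing image plus a per-guest private overlay with a block bitmap.
BLOCK = 512  # assumed block size


class CowDevice:
    """One guest's view of a shared root filesystem image."""

    def __init__(self, backing: bytes):
        if len(backing) % BLOCK:
            raise ValueError("backing image must be a whole number of blocks")
        self._backing = backing                    # shared, never written
        self._nblocks = len(backing) // BLOCK
        self._bitmap = bytearray((self._nblocks + 7) // 8)  # 1 bit per block
        self._private = {}                         # block number -> private copy

    def _is_private(self, n: int) -> bool:
        return bool(self._bitmap[n // 8] & (1 << (n % 8)))

    def read_block(self, n: int) -> bytes:
        if not 0 <= n < self._nblocks:
            raise ValueError("block outside device")
        if self._is_private(n):                    # guest has written this block
            return bytes(self._private[n])
        return self._backing[n * BLOCK:(n + 1) * BLOCK]  # fall through to shared

    def write(self, offset: int, data: bytes) -> None:
        if offset < 0 or offset + len(data) > self._nblocks * BLOCK:
            raise ValueError("write outside device")
        pos = 0
        while pos < len(data):
            n, start = divmod(offset + pos, BLOCK)
            chunk = data[pos:pos + BLOCK - start]
            if not self._is_private(n):            # copy up before first write
                self._private[n] = bytearray(self._backing[n * BLOCK:(n + 1) * BLOCK])
                self._bitmap[n // 8] |= 1 << (n % 8)
            self._private[n][start:start + len(chunk)] = chunk
            pos += len(chunk)

    def private_bytes(self) -> int:
        return len(self._private) * BLOCK          # disk cost of this guest


def demo():
    root_fs = bytes(i % 251 for i in range(8 * BLOCK))  # constructed shared image
    uml1, uml2 = CowDevice(root_fs), CowDevice(root_fs)
    uml1.write(BLOCK - 4, b"uml1-private")         # straddles blocks 0 and 1
    return root_fs, uml1, uml2
```

The isolation shown here depends on the shared image never being written once guests are using it, which is why the backing data is held as immutable `bytes`.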

9
UML in Bridge Software development

10
UML in Bridge Software development (2)
  • Virtual UML hosts uml1, uml2 and uml3 are
    connected to each other by three virtual networks
  • bra, brb and brc are virtual software bridges
    developed by Wipro that support several IEEE
    specifications such as 802.1w, 802.1s, link
    aggregation and 802.1X.
  • When interoperability is required, one or all of
    the software bridges can be replaced by third-party
    bridges.

11
Usage example - Honeypot
  • A honeypot is a system deliberately made
    vulnerable, and put on the internet for people to
    break into.
  • Honeypot closely monitors the traffic and is used
    for analyzing the trends and techniques in
    attacks.
  • Traditionally, honeypots have been physical
    systems on a dedicated network
  • Virtual machines such as UML are now used
    as honeypots

12
References
  • http://user-mode-linux.sourceforge.net/
  • http://usermodelinux.co.uk/
  • http://usermodelinux.org/
  • Questions?