
Virtual Linux Systems using User Mode Linux

Virtual Linux Systems using User Mode Linux. Linux Bangalore 2003 Ganesh S (ganesh.subramaniam@wipro.com) Wipro Technologies. Introduction to User Mode Linux. User Mode Linux (uml) is a linux kernel that executes in the user space of a Linux host machine!


Presentation Transcript


  1. Virtual Linux Systems using User Mode Linux
     Linux Bangalore 2003
     Ganesh S (ganesh.subramaniam@wipro.com), Wipro Technologies

  2. Introduction to User Mode Linux
     • User Mode Linux (uml) is a Linux kernel that executes in the user space of a Linux host machine!
     • The uml kernel is created by applying the User Mode Linux patch to the standard Linux kernel source and building the kernel
     • The uml kernel can be assigned virtual resources, including a root filesystem and swap space
     • Running a number of umls on a host is like partitioning a machine into a number of smaller ones.

  3. Why use User Mode Linux
     • Several users of a system need the ability to edit system files, start new daemons, install new applications, etc.
       – Solution: Run as many instances of uml as the number of users
     • Avoid the security and privacy problems inherent in giving out the root password or even sudo access of the host system.
       – Solution: Each user gets a uml root filesystem and has root access to it
     • uml allows one to start many instances of the Linux kernel on a system
     • Each new kernel gets its own root filesystem. In this way, each uml instance is a complete virtual machine

  4. More reasons to use uml
     • Users inside a uml cannot see what tasks are running on other umls or what root filesystems are used by other umls
     • Allows keeping a single shared root filesystem for many uml instances
     • Hardware is emulated: block devices are files in the host file system, serial devices are ptys, network devices are TUN/TAP
     • Run buggy software, experiment with new Linux kernels or distributions, and poke around the internals of Linux, all without risking the main Linux setup.
     • Set breakpoints in the Linux startup and understand the Linux bootup sequence

  5. User Mode Linux – Tracing Thread mode
     • Each uml process is a separate process on the host
     • Two approaches: Tracing Thread mode and Separate kernel address space (Skas) mode
     • In Tracing Thread mode:
       – No native host kernel support
       – The uml kernel is present in each uml process
       – A special tracing thread does syscall tracing and delivers the syscall to the uml kernel
       – Insecure: data structures in the uml kernel are read-write
       – uml uses signals to force control to the uml kernel during a syscall or interrupts, which causes performance issues
       – More performance issues: 12 processes are created per uml.

  6. User Mode Linux – Skas Mode
     • In Skas mode:
       – The native host supports the uml kernel by applying the Skas3 patch to the Linux kernel
       – The uml kernel runs in a separate address space in the host kernel
       – A new address space is created by opening /proc/mm and writing to the returned fd
       – Skas4 patch to provide a syscall to create a separate address space and another syscall to execute any arbitrary syscall in the context of the new address space.
       – Performance improvements: only 4 processes per uml compared to 12 in the Tracing Thread mode
       – uml automatically detects Skas mode support in the host and, if it is not supported, changes to Tracing Thread mode.
       – 4 threads: uml kernel thread, uml user space thread, udb thread and SGIO emulation thread

  7. Access Host Resources
     • Host file access: access host system files from inside the uml in one of the following ways:
       – nfs mount directories from the host
       – Copy files into the uml virtual machine using rcp
       – Use hostfs to mount a host directory into the uml
     • Serial consoles:
       – The uml console can be directed to appear on an unused host console
       – Two virtual machines can communicate via serial consoles, with one of them attached to a pty and the other to the corresponding tty
     • Network:
       – Attach uml eth0 to a host tun/tap interface
       – Using TUN/TAP allows a uml instance to exchange packets with the host.

  8. Umls sharing File systems
     • Share file systems between two or more virtual machines (umls) using the copy-on-write (COW) capability
     • COW: writes are stored in a private file (cow file); reads happen from the shared filesystem
     • COW saves disk space when many umls are running on a system.
     • COW provides improved performance since the shared filesystem can reside in the host cache
     • Utilities to create COW and manage COW

  9. UML in Bridge Software development

  10. UML in Bridge Software development (2)
     • Virtual UML hosts uml1, uml2 and uml3 are connected to each other by three virtual networks
     • bra, brb and brc are virtual software bridges developed by Wipro that support several IEEE specifications such as 802.1w, 802.1s, Link aggregation and 802.1X.
     • When interoperability is required, one or all of the software bridges can be replaced by third party bridges.

  11. Usage example – Honeypot
     • A honeypot is a system deliberately made vulnerable, and put on the internet for people to break into.
     • A honeypot closely monitors the traffic and is used for analyzing the trends and techniques in attacks.
     • Traditionally, honeypots have been physical systems on a dedicated network
     • Virtual machines such as UML have been used now as honeypots

  12. References
     • http://user-mode-linux.sourceforge.net/
     • http://usermodelinux.co.uk/
     • http://usermodelinux.org/
     Questions?
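
Added example, not part of the original slides: a small Python model of the copy-on-write behaviour described on slide 8, showing that each uml's writes stay in its private overlay while reads of untouched blocks come from the shared image. The `CowDisk` class, the 512-byte block size and the sample image are assumptions made for illustration; this is not UML's on-disk COW format.

```python
BLOCK = 512  # block size assumed for this model


class CowDisk:
    """One uml's view of a disk: a private overlay over a shared backing image."""

    def __init__(self, backing: bytes):
        if len(backing) % BLOCK:
            raise ValueError("backing image must be a whole number of blocks")
        self._backing = backing   # shared between instances, never written here
        self._cow = {}            # block number -> private copy (the "cow file")

    def _block(self, n: int) -> bytes:
        # Reads use the private copy if one exists, else the shared image.
        return self._cow.get(n, self._backing[n * BLOCK:(n + 1) * BLOCK])

    def read(self, offset: int, length: int) -> bytes:
        if offset < 0 or length < 0 or offset + length > len(self._backing):
            raise ValueError("read outside the virtual disk")
        first, last = offset // BLOCK, (offset + length - 1) // BLOCK
        data = b"".join(self._block(n) for n in range(first, last + 1))
        start = offset - first * BLOCK
        return data[start:start + length]

    def write(self, offset: int, payload: bytes) -> None:
        end = offset + len(payload)
        if offset < 0 or end > len(self._backing):
            raise ValueError("write outside the virtual disk")
        pos = offset
        while pos < end:
            n, inner = divmod(pos, BLOCK)
            take = min(BLOCK - inner, end - pos)
            block = bytearray(self._block(n))   # copy the block on first write
            block[inner:inner + take] = payload[pos - offset:pos - offset + take]
            self._cow[n] = bytes(block)         # stored privately, not in backing
            pos += take

    def dirty_blocks(self) -> list:
        return sorted(self._cow)


def demo() -> dict:
    shared = b"A" * BLOCK + b"B" * BLOCK + b"C" * BLOCK + b"D" * BLOCK  # constructed
    uml1, uml2 = CowDisk(shared), CowDisk(shared)
    uml1.write(510, b"wxyz")        # straddles blocks 0 and 1
    uml2.write(3 * BLOCK, b"q")     # touches block 3 only
    return {"uml1": uml1.read(508, 8), "uml2": uml2.read(508, 8),
            "dirty1": uml1.dirty_blocks(), "dirty2": uml2.dirty_blocks()}
```

The size of `dirty_blocks()` is what each instance costs in extra storage, which is the disk-space saving the slide refers to.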
