Run PV in PVH container

From Xen
Jump to: navigation, search

Xen 4.11 support running of unmodified legacy PV-only guest to be run in PVH mode. This allows users to run old, PV-only distros. This simplifies management and reduces the surface of attack significantly. This makes vulnerabilities in PV interfaces local to guests. Note that slide 15 of this presentation gives an architectural overview of PVH shim.

Converting a PV config to a PVH shim config

  • Shutdown VM
  • Remove any reference to builder (e.g., builder="generic")
  • Add the following two lines:
 type="pvh"
 pvshim=1
  • Restart VM

Converting a PV config to a PVH config

Icon Info.png If you have a kernel capable of booting PVH, then PVH mode is both faster and more secure than PV or PVH-shim mode.


  • Shutdown VM
  • Remove any reference to builder (e.g., builder="generic")
  • Add the following line:
 type="pvh"
  • Restart VM