Installation guide

Security Enhanced Linux
Short for Security Enhanced Linux, SELinux uses Linux Security
Modules (LSM) in the Linux kernel to provide a range of security
policies that enforce the minimum privilege required.

Single Root I/O Virtualization
SR-IOV is a standard for a type of PCI passthrough that natively
shares a single device with multiple guests.
SR-IOV enables a Single Root Function (for example, a single
Ethernet port) to appear as multiple, separate, physical devices. A
physical device with SR-IOV capabilities can be configured to appear
in the PCI configuration space as multiple functions; each device has
its own configuration space, complete with Base Address Registers
(BARs).
SR-IOV uses two new PCI functions:
Physical Functions
Virtual Functions

Universally Unique Identifier
A Universally Unique Identifier (UUID) is a standardized numbering
method for devices, systems and certain software objects in
distributed computing environments. Types of UUIDs in virtualization
include: ext2 and ext3 file system identifiers, RAID device
identifiers, iSCSI and LUN device identifiers, MAC addresses and
virtual machine identifiers.

Virtual Functions
Virtual Functions (VFs) are simple PCIe functions that only process
I/O. Each Virtual Function is derived from a Physical Function. The
number of Virtual Functions a device may have is limited by the
device hardware. A single Ethernet port, the Physical Device, may
map to many Virtual Functions that can be shared with virtualized
guests.

Virtual machines
A virtual machine is a software implementation of a physical
machine or programming language (for example the Java Runtime
Environment or LISP). Virtual machines in the context of virtualization
are operating systems running on virtualized hardware.

Virtualization
Virtualization is a broad computing term for running software, usually
operating systems, concurrently and isolated from other programs
on one system. Most existing implementations of virtualization use
a hypervisor, a software layer that controls hardware and provides
guest operating systems with access to underlying hardware. The
hypervisor allows multiple operating systems to run on the same
physical system by giving the guest operating system virtualized
hardware. There are various methods for virtualizing operating
systems:
Hardware-assisted virtualization is the technique used for full
virtualization with KVM (definition: Full virtualization)
Para-virtualization is a technique used by Xen to run Linux guests
(definition: Para-virtualization)
Software virtualization or emulation. Software virtualization uses
binary translation and other emulation techniques to run unmodified