DragonFly users List (threaded) for 2007-01
DragonFly BSD

Re: write news article about virtual kernel


From: "Dmitri Nikulin" <dnikulin@xxxxxxxxx>
Date: Mon, 29 Jan 2007 08:28:13 +1100

On 1/28/07, Matthew Dillon <dillon@apollo.backplane.com> wrote:
    No.  Frankly I do not think it is a good idea to allow any
    production virtualization mechanism to ever have direct access
    to hardware.  It destroys the layering that gives virtualization
    stability and security... no matter how good the implement is.

    As a debugging tool it might be useful, but that is about as
    far as I would ever consider taking it.

That's what I was saying: It's a debugging tool to develop a driver, and once it's "done", it can just be loaded into the host kernel instead of the virtual kernel. If that virtual kernel is there for the express purpose of hosting drivers and not untrusted processes and users, then security isn't any worse than keeping it in the host kernel. Maybe it's even more secure if a buggy driver which could have taken over the kernel will instead only take over the virtual kernel, or (more likely) fail entirely and get a segfault. It has practical uses if the use-case of sandboxing processes is kept well separate from sandboxing drivers, but yes, it does have to be implemented well to be useful at all even for debugging.

---
Dmitri Nikulin

Centre for Synchrotron Science
Monash University
Victoria 3800, Australia

email: dnikulin@gmail.com
