br1n0 | 9 years ago

In other words, TempleOS is a unikernel with a JIT compiler. The name is odd, the author is strange, but do you judge a movie by the private life of the authors? The illnesses of Van Gogh and Gödel didn't affect their creations. The missing graphical interface is a defect. A unikernel is a strange beast and sounds crazy, but it has some advantages: it is simpler, it could be understood completely by a human (and not only by a genius), there is no penalty for system calls, and there is no CPU time wasted on context switches. Because machines are getting cheaper, it is common to have only one user, so all this security became useless, so in the long run the unikernels will be mainstream. Kudos to him. A relevant discussion about unikernels is here: https://news.ycombinator.com/item?id=10362897


laumars|9 years ago

The advantage of multiple "users" isn't just blocking one person's access to another person's stuff. It's also a valuable tool for sandboxing system processes which need to run in parallel on the same host system.

In addition to that, a monolithic unikernel (as unikernels usually are) would have the issue of a higher tendency for kernel panics.

So I really can't see unikernels becoming mainstream. If anything the reverse trend is true, with more complex kernel designs like microkernels becoming more favourable as computing hardware gets cheaper.

The real growth area for unikernels is virtualized appliances, e.g. running a single-purpose service as a Xen unikernel. But even that is awfully niche and often better served (particularly in terms of developer and sysadmin productivity) with containers these days.

nickpsecurity|9 years ago

In that case, you need process isolation and permissions, not user privileges. Prior models for mandatory access control and capability-based security can already do what you're describing. KeyKOS did it in production on mainframes decades ago, with the extra benefit of persistence for app data. System/38 did one of those models, too, at the CPU level. It later became AS/400 and IBM i. AS/400s run and run and run.

So, if you want POLA and damage containment, one option is imitating old designs that pulled that off. Patents expired, too. ;)

elihu|9 years ago

I think unikernels make sense in conjunction with languages like Rust. If your compiler is making sure it won't generate code that could cause a segfault, the run-time checks to do the same are unnecessary overhead.

(There are, of course, some details that would need to be worked out like how to handle unsafe code blocks, how to run programs written in unsafe languages, and how to enforce a policy of only executing code compiled with a trusted compiler, but none of these seem like fundamentally insurmountable obstacles and the benefits of being able to make a system call without any more overhead than a function call are pretty big for certain applications.)

im_down_w_otp|9 years ago

I don't understand the definition of "unikernel" here. There's nothing preventing a microkernel architecture from being the basis of a unikernel.

Unikernel isn't the opposite of microkernel.

futurix|9 years ago

I'd argue that Van Gogh isn't such a great example in this context...