agentkilo | 5 months ago

IIUC, yes, all the kernels involved run directly on the hardware, in a "cooperative" way, i.e. they must agree on not touching others' memory regions.

I think the architecture assumes all loaded kernels are trusted, and imposes no isolation other than having them running on different CPUs.

Given the (relative) simplicity of the PoC, it could be really performant.

yjftsjthsd-h|5 months ago

Can't the kernel set up hardware-backed memory maps to partially blind itself to other memory regions? (Only "partially" because even then I expect it could just change the mappings, but it's still a protection against accidental corruption)

p_l|5 months ago

That's a standard part of setups like that; the cooperative aspect is that they have to set the memory map so they don't overlap.

yalogin|5 months ago

Wonder what the use cases are. Doesn’t feel like the kernels are hotswappable, so why is it preferred over VMs?

yxhuvud|5 months ago

If nothing else, it is a path to making them hotswappable.