lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 4 Aug 2006 12:06:28 -0700 (PDT)
From:	David Lang <dlang@...italinsight.com>
To:	Antonio Vargas <windenntw@...il.com>
cc:	Rusty Russell <rusty@...tcorp.com.au>,
	Andrew Morton <akpm@...l.org>, jeremy@...source.com,
	greg@...ah.com, zach@...are.com, linux-kernel@...r.kernel.org,
	torvalds@...l.org, hch@...radead.org, jlo@...are.com,
	xen-devel@...ts.xensource.com, simon@...source.com,
	ian.pratt@...source.com, jeremy@...p.org
Subject: Re: A proposal - binary

On Fri, 4 Aug 2006, Antonio Vargas wrote:

>> If there's going to be long-term compatability between different hosts and
>> guests there need some limits to what can change.
>> 
>> needing to uprev the host when you uprev a guest is acceptable
>> 
>> needing to uprev a guest when you uprev a host is not.
>
> Now, allowing this transparent acting is great since you can run your
> normal kernel as-is as a guest. But to get close to 100% speed, what
> you do is to rewrite parts of the OS to be aware of the hypervisor,
> and stablish a common way to talk.

I understand this, but for example a UML 2.6.10 kernel will continue to run 
unmodified on top of a 2.6.17 kernel, the ABI used is stable. however if you 
have a 2.6.10 host with a 2.6.10 UML guest and want to run a 2.6.17 guest you 
may (but not nessasarily must) have to upgrade the host to 2.6.17 or later.

> Thus happens the work with the paravirt-ops. Just like you can use any
> filesystem under linux because they have a well-defined intrface to
> the rest of the kernel, the paravirt-ops are the way we are wrking to
> define an interface so that the rest of the kernel can be ignorant to
> whether it's running on the bare metal or as a guest.
>
> Then, if you needed to run say 2.6.19 with hypervisor A-1.0, you just
> need to write paravirt-ops which talk and translate between 2.6.19 and
> A-1.0. If 5 years later you are still running A-1.0 and want to run a
> 2.6.28 guest, then you would just need to write the paravirt-ops
> between 2.6.28 and A-1.0, with no need to modify the rest of the code
> or the hypervisor.

who is going to be writing all these interface layers to connect each kernel 
version to each hypervisor version. and please note, I am not just considering 
Xen and vmware as hypervisors, a vanilla linux kernel is the hypervisor for UML. 
so just stating that the hypervisor maintainers need to do this is implying that 
the kernel maintainers would be required to do this.

also I'm looking at the more likly case that 5 years from now you may still be 
runnint 2.6.19, but need to upgrade to hypervisor A-5.8 (to support a different 
client). you don't want to have to try and recompile the 2.6.19 kernel to keep 
useing it.

> At the moment we only have 1 GPL hypervisor and 1 binary one. Then
> maybe it's needed to define if linux should help run under binary
> hypervisors, but imagine instead of this one, we had the usual Ghyper
> vs Khyper separation. We would prefer to give the same adaptations to
> both of them and abstract them away just like we do with filesystems.

you have three hypervisors that I know of. Linux, Xen (multiple versions) , and 
VMware. each with (mostly) incompatable guests

>> this basicly boils down to 'once you expose an interface to a user it can't
>> change', with the interface that's being exposed being the calls that the 
>> guest
>> makes to the host.
>
> Yes, that's the reason some mentioned ppc, sparc, s390... because they
> have been doing this longer than us and we could consider adopting
> some of their designs (just like we did for POSIX system calls ;)

I'm not commenting on any of the specifics of the interface calls (I trust you 
guys to make that be sane :-) I'm just responding the the idea that the 
interface actually needs to be locked down to an ABI as opposed to just 
source-level compatability.

David Lang
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ