lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f4041bf7-0984-4aff-887f-f77e58525e3a@zytor.com>
Date: Tue, 23 Sep 2025 12:46:38 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Fam Zheng <fam.zheng@...edance.com>, linux-kernel@...r.kernel.org
Cc: Lukasz Luba <lukasz.luba@....com>, linyongting@...edance.com,
        songmuchun@...edance.com, satish.kumar@...edance.com,
        Borislav Petkov <bp@...en8.de>, Thomas Gleixner <tglx@...utronix.de>,
        yuanzhu@...edance.com, Ingo Molnar <mingo@...hat.com>,
        Daniel Lezcano <daniel.lezcano@...aro.org>,
        Zhang Rui <rui.zhang@...el.com>, fam@...hon.net, x86@...nel.org,
        liangma@...edance.com, Dave Hansen <dave.hansen@...ux.intel.com>,
        "Rafael J. Wysocki" <rafael@...nel.org>, guojinhui.liam@...edance.com,
        linux-pm@...r.kernel.org, Thom Hughes <thom.hughes@...edance.com>
Subject: Re: [RFC 0/5] parker: PARtitioned KERnel

On 2025-09-23 08:31, Fam Zheng wrote:
> 
> Parker is a proposed feature in linux for multiple linux kernels to run
> simultaneously on single machine, without traditional kvm virtualisation. This
> is achieved by partitioning the CPU cores, memory and devices for
> partitioning-aware Linux kernel.
> 

This seems to be much better handled by a lightweight hypervisor. There is a
reason why ALL IBM mainframes have a low-level hard-partitioning hypervisor.

Typically that hypervisor will expose a static, very low level view of the
machine (e.g. no scheduling - VCPUs are mapped 1:1 to physical CPUs; no I/O
sharing or emulation, except possibly as needed to boot, and so on.)

Because the functionality of the hypervisor is so limited, the overhead is
minimal, but it CAN (but doesn't HAVE TO) provide memory and I/O isolation
between partitions.

	-hpa

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ