| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <BC25CE95-75A1-48E7-86E7-4E5E933761B8@flygoat.com> Date: Thu, 25 Sep 2025 23:47:43 +0800 From: Jiaxun Yang <jiaxun.yang@...goat.com> To: Cong Wang <xiyou.wangcong@...il.com> Cc: linux-kernel@...r.kernel.org, pasha.tatashin@...een.com, Cong Wang <cwang@...tikernel.io>, Andrew Morton <akpm@...ux-foundation.org>, Baoquan He <bhe@...hat.com>, Alexander Graf <graf@...zon.com>, Mike Rapoport <rppt@...nel.org>, Changyuan Lyu <changyuanl@...gle.com>, kexec@...ts.infradead.org, linux-mm@...ck.org Subject: Re: [RFC Patch 0/7] kernel: Introduce multikernel architecture support > 2025年9月19日 06:25,Cong Wang <xiyou.wangcong@...il.com> 写道: > > This patch series introduces multikernel architecture support, enabling > multiple independent kernel instances to coexist and communicate on a > single physical machine. Each kernel instance can run on dedicated CPU > cores while sharing the underlying hardware resources. Hi Cong, Sorry for chime in here, and thanks for brining replicated-kernel back to the life. I have some experience on original Popcorn Linux [1] [2], which seems to be the root of most code in this series, please see my comments below. > > The multikernel architecture provides several key benefits: > - Improved fault isolation between different workloads > - Enhanced security through kernel-level separation I’d agree with Stefen’s comments [3], an "isolation” solution is critical for adaptation of multikernel OS, given that multi-tenant system is almost everywhere. Also allowing other kernel to inject IPI without any restriction can impose DOS attack risk. > - Better resource utilization than traditional VM (KVM, Xen etc.) > - Potential zero-down kernel update with KHO (Kernel Hand Over) > > Architecture Overview: > The implementation leverages kexec infrastructure to load and manage > multiple kernel images, with each kernel instance assigned to specific > CPU cores. Inter-kernel communication is facilitated through a dedicated > IPI framework that allows kernels to coordinate and share information > when necessary. > > Key Components: > 1. Enhanced kexec subsystem with dynamic kimage tracking > 2. Generic IPI communication framework for inter-kernel messaging I actually have concerns over inter-kernel communication. The origin Popcorn IPI protocol, which seems to be inherited here, was designed as a prototype, without much consideration on the ecosystem. It would be nice if we can reused existing infra design for inter kernel communication. I would suggest look into OpenAMP [4] and remoteproc subsystem in kernel. They already have mature solutions on communication between different kernels over coherent memory and mailboxes (rpmsg [5] co). They also defined ELF extensions to pass side band information for other kernel images. Linaro folks are also working on a new VirtIO transport called virtio-msg [6], [7], which is designed with Linux-Linux hardware partitioning scenario in mind. > 3. Architecture-specific CPU bootstrap mechanisms (only x86 so far) > 4. Proc interface for monitoring loaded kernel instances > > […] Thanks - Jiaxun [1]: https://www.kernel.org/doc/ols/2014/ols2014-barbalace.pdf [2]: https://sourceforge.net/projects/popcornlinux/ [3]: https://lore.kernel.org/all/CAM_iQpXnHr7WC6VN3WB-+=CZGF5pyfo9y9D4MCc_Wwgp29hBrw@mail.gmail.com/ [4]: https://www.openampproject.org/ [5]: https://docs.kernel.org/staging/rpmsg.html [6]: https://linaro.atlassian.net/wiki/spaces/HVAC/overview [7]: https://lwn.net/Articles/1031928/ > > > -- > 2.34.1
Powered by blists - more mailing lists