lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <8363F839-4A11-4E5D-A34E-CBFCC1588886@zytor.com>
Date: Wed, 22 Oct 2025 18:26:55 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Pavel Machek <pavel@....cz>
CC: Dave Hansen <dave.hansen@...el.com>, Fam Zheng <fam.zheng@...edance.com>,
        linux-kernel@...r.kernel.org, Lukasz Luba <lukasz.luba@....com>,
        linyongting@...edance.com, songmuchun@...edance.com,
        satish.kumar@...edance.com, Borislav Petkov <bp@...en8.de>,
        Thomas Gleixner <tglx@...utronix.de>, yuanzhu@...edance.com,
        Ingo Molnar <mingo@...hat.com>,
        Daniel Lezcano <daniel.lezcano@...aro.org>,
        Zhang Rui <rui.zhang@...el.com>, fam@...hon.net, x86@...nel.org,
        liangma@...edance.com, Dave Hansen <dave.hansen@...ux.intel.com>,
        "Rafael J. Wysocki" <rafael@...nel.org>, guojinhui.liam@...edance.com,
        linux-pm@...r.kernel.org, Thom Hughes <thom.hughes@...edance.com>
Subject: Re: [RFC 0/5] parker: PARtitioned KERnel

On October 22, 2025 5:11:19 AM PDT, Pavel Machek <pavel@....cz> wrote:
>On Wed 2025-09-24 12:01:52, H. Peter Anvin wrote:
>> On September 24, 2025 8:22:54 AM PDT, Dave Hansen <dave.hansen@...el.com> wrote:
>> >On 9/23/25 08:31, Fam Zheng wrote:
>> >> In terms of fault isolation or security, all kernel instances share
>> >> the same domain, as there is no supervising mechanism. A kernel bug
>> >> in any partition can cause problems for the whole physical machine.
>> >> This is a tradeoff for low-overhead / low-complexity, but hope in
>> >> the future we can take advantage of some hardware mechanism to
>> >> introduce some isolation.
>> >I just don't think this is approach is viable. The buck needs to stop
>> >_somewhere_. You can't just have a bunch of different kernels, with
>> >nothing in charge of the system as a whole.
>> >
>> >Just think of bus locks. They affect the whole system. What if one
>> >kernel turns off split lock detection? Or has a different rate limit
>> >than the others? What if one kernel is a big fan of WBINVD? How about
>> >when they use resctrl to partition an L3 cache? How about microcode updates?
>> >
>> >I'd just guess that there are a few hundred problems like that. Maybe more.
>> >
>> >I'm not saying this won't be useful for a handful of folks in a tightly
>> >controlled environment. But I just don't think it has a place in
>> >mainline where it needs to work for everyone.
>> 
>> Again, this comes down to why a partitioning top level hypervisor is The Right Thing[TM].
>> 
>> IBM mainframes are, again, the archetype here, having done it
>> standard since VM/370 in 1972. This was running on machines with a
>> *maximum* of 4 MB memory.
>
>Is there a good resource on IBM mainframes, prefferably written in
>language that can be understood by mostly x86 kernel hacker?
>
>BR,
>								Pavel

I don't know... perhaps ask the s390 guys?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ