(lwn.net)

173 points ahlCVA | 1 comments | 19 Sep 25 15:29 UTC | HN request time: 0.205s | source

Show context

yalogin ◴[20 Sep 25 01:14 UTC] No.45308846[source]▶

It’s not clear to me but do these kernels run directly on the hardware? If so how are they able to talk to each other, DMA? That could open up some security flaws, hopefully they thought through that

replies(1): >>45309225 #

agentkilo ◴[20 Sep 25 01:44 UTC] No.45309225[source]▶

>>45308846 #

IIUC, yes, all the kernels involved run directly on the hardware, in a "cooperative" way, i.e. they must agree on not touching others' memory regions.

I think the architecture assumes all loaded kernels are trusted, and imposes no isolation other than having them running on different CPUs.

Given the (relative) simplicity of the PoC, it could be really performant.

replies(2): >>45309255 #>>45309270 #

yalogin ◴[20 Sep 25 01:46 UTC] No.45309255[source]▶

>>45309225 #

Wonder what the use cases are. Doesn’t feel like the kernels are hotswappable, so why is it preferred over VMs?

replies(1): >>45310511 #

1. yxhuvud ◴[20 Sep 25 04:55 UTC] No.45310511[source]▶

>>45309255 #

If nothing else, it is a path to making them hotswappable.

↑

Kernel: Introduce Multikernel Architecture Support