Re: [RFC 0/5] parker: PARtitioned KERnel

[Pavel Machek]

On Wed 2025-09-24 12:01:52, H. Peter Anvin wrote:
> On September 24, 2025 8:22:54 AM PDT, Dave Hansen <dave.hansen@xxxxxxxxx> wrote:
> >On 9/23/25 08:31, Fam Zheng wrote:
> >> In terms of fault isolation or security, all kernel instances share
> >> the same domain, as there is no supervising mechanism. A kernel bug
> >> in any partition can cause problems for the whole physical machine.
> >> This is a tradeoff for low-overhead / low-complexity, but hope in
> >> the future we can take advantage of some hardware mechanism to
> >> introduce some isolation.
> >I just don't think this is approach is viable. The buck needs to stop
> >_somewhere_. You can't just have a bunch of different kernels, with
> >nothing in charge of the system as a whole.
> >
> >Just think of bus locks. They affect the whole system. What if one
> >kernel turns off split lock detection? Or has a different rate limit
> >than the others? What if one kernel is a big fan of WBINVD? How about
> >when they use resctrl to partition an L3 cache? How about microcode updates?
> >
> >I'd just guess that there are a few hundred problems like that. Maybe more.
> >
> >I'm not saying this won't be useful for a handful of folks in a tightly
> >controlled environment. But I just don't think it has a place in
> >mainline where it needs to work for everyone.
> 
> Again, this comes down to why a partitioning top level hypervisor is The Right Thing[TM].
> 
> IBM mainframes are, again, the archetype here, having done it
> standard since VM/370 in 1972. This was running on machines with a
> *maximum* of 4 MB memory.

Is there a good resource on IBM mainframes, prefferably written in
language that can be understood by mostly x86 kernel hacker?

BR,
								Pavel
-- 
I don't work for Nazis and criminals, and neither should you.
Boycott Putin, Trump, Netanyahu and Musk!

Attachment: signature.asc
Description: PGP signature