[ANNOUNCE] NOVA Microhypervisor 0.1 prerelease
marcel.winandy at trust.rub.de
Mon Mar 8 19:01:50 CET 2010
just out of curiosity: assuming I run a Linux VM on top of NOVA. NOVA runs
obviously in ring 0. In which protection ring of the CPU will the Linux kernel
be executed? Ring 1 or together with the userland apps in ring 3?
Am Mittwoch, 23. Dezember 2009 schrieb Udo A. Steinberg:
> The NOVA project is happy to announce that there is a prerelease of the
> NOVA microhypervisor available for download at http://www.hypervisor.org/
> or http://os.inf.tu-dresden.de/~us15/nova/ under the terms of the
> GNU Public License version 2.
> NOVA is based on a modern microhypervisor written in C++ and assembler.
> It currently supports x86-32 SMP platforms with hardware virtualization
> features, such as Intel VT-x or AMD-V, and facilitates running multiple
> unmodified guest operating systems in virtual machines with near-native
> performance. On machines without VT-x or AMD-V, the functionality is
> reduced to that of a microkernel.
> Like third-generation microkernels, the NOVA microhypervisor uses a
> capability-based authorization model and provides only basic mechanisms for
> spatial and temporal isolation, scheduling, communication and delegation of
> platform resources. Additional services are provided by an unprivileged
> multi-server user environment running on top of the microhypervisor.
> In NOVA, we implemented almost all of the virtualization functionality in a
> deprivileged user-level virtual-machine monitor. This design choice
> improves the overall security of the system, because exploitation of a bug
> in the platform virtualization code only compromises the VMM and leaves
> the remaining components unaffected.
> - Udo
More information about the l4-hackers