Hello,
just out of curiosity: assuming I run a Linux VM on top of NOVA. NOVA runs obviously in ring 0. In which protection ring of the CPU will the Linux kernel be executed? Ring 1 or together with the userland apps in ring 3?
Cheers, Marcel
Am Mittwoch, 23. Dezember 2009 schrieb Udo A. Steinberg:
Hi,
The NOVA project is happy to announce that there is a prerelease of the NOVA microhypervisor available for download at http://www.hypervisor.org/ or http://os.inf.tu-dresden.de/~us15/nova/ under the terms of the GNU Public License version 2.
NOVA is based on a modern microhypervisor written in C++ and assembler. It currently supports x86-32 SMP platforms with hardware virtualization features, such as Intel VT-x or AMD-V, and facilitates running multiple unmodified guest operating systems in virtual machines with near-native performance. On machines without VT-x or AMD-V, the functionality is reduced to that of a microkernel.
Like third-generation microkernels, the NOVA microhypervisor uses a capability-based authorization model and provides only basic mechanisms for spatial and temporal isolation, scheduling, communication and delegation of platform resources. Additional services are provided by an unprivileged multi-server user environment running on top of the microhypervisor.
In NOVA, we implemented almost all of the virtualization functionality in a deprivileged user-level virtual-machine monitor. This design choice improves the overall security of the system, because exploitation of a bug in the platform virtualization code only compromises the VMM and leaves the remaining components unaffected.
Cheers,
- Udo