On Tue, Jul 21, 2009 at 6:20 AM, Lil Evil<[email protected]> wrote: > There are many different projects with similar goals out there: > BitVisor(sourcecode available somewhere) or Daonity and of course flickr, > probably more that I am not aware of. > They all seem to target a particular use case and scenario. > > Cutting out Operating System is certainly an elegant and interesting > solution. However, I think in its current form and function it is limited. > You cannot use shared libraries and there is still the issue with the trusted > graphics to be solved. > > Just some thoughts .... > lIl
Hi Lil, thank you for the pointers to those other projects, I will look at them more. I was a little confused about the mention of flickr, the photo sharing site, not where you'd expect to find the cutting edge of hypervisor research. But then I realized you meant Jon McCune's Flicker, which I agree is a very advanced implementation along these lines. I have the impression that P-MAPS can handle shared libraries. Reading some of the older papers by the same author(s), which used a variety of technologies to provide "ring -1" protection to application data, there is discussion of a signed "manifest" which describes what should be in an executable, and which includes relocation information necessary because the dynamic loader will move things around in memory. I think this would be specific to shared libraries, but I'm not sure. Unfortunately it appears that the Intel research blog site I linked to is kind of inactive, with no posts or updates for a month. Comments have to be approved; mine hasn't appeared after more than a week, and in fact no comments have been approved for the past month. Maybe the site administrator is on vacation, or maybe all of Intel shuts down during July? :) Hal ------------------------------------------------------------------------------ _______________________________________________ tboot-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/tboot-devel
