Re: [uml-devel] Making UML Single Threader

[Nix <nix@esperi.org.uk>]

On Tue, 8 Nov 2005, Jeff Dike prattled cheerily:
> On Tue, Nov 08, 2005 at 01:09:06AM -0600, Rob Landley wrote:
>> > So I don't care about systemcall interception or anything like that,
>> 
>> *blink*  *blink*
>> 
>> Ok, you want user mode linux, but you don't want it to actually run user 
>> processes, nor do want it to be able to intercept system calls.
>> 
>> Um...  What's left?
> 
> Only all of Linux.  It so happens that I want exactly the same thing for 
> libUML, except I haven't had time to do anything about it.

I've long wanted to do the same sort of thing, to do with a UML the same
sort of thing you can do with a real Linux box: that is, set up
networking and a bridging firewall, then halt it: the kernel keeps
processing network packets and firewalling and bridging them perfectly
well, but attackers now have *real* trouble changing the configuration.
You stop it with kill() on the host, or mconsole; as it's halted and all
fsen are unmounted and so on, you're safe from filesystem corruption.

When combined with CONFIG_NETCONSOLE, you can even keep an eye on it. :)

The necessary hack looks quite simple: I just haven't got around to it.

-- 
`Holy Google, pray for us sinners now and in the hour of our job interview.'


-------------------------------------------------------
SF.Net email is sponsored by:
Tame your development challenges with Apache's Geronimo App Server. Download
it for free - -and be entered to win a 42" plasma tv or your very own
Sony(tm)PSP.  Click here to play: http://sourceforge.net/geronimo.php
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel