LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Being unfairly fair

Being unfairly fair

Posted Nov 20, 2012 11:56 UTC (Tue) by man_ls (subscriber, #15091)
In reply to: Attacking hardened Linux systems with kernel JIT spraying by cmccabe
Parent article: Attacking hardened Linux systems with kernel JIT spraying

To be fair, this vulnerability exploits a combination of JIT and direct execution. If all kernel code was JITted with the same VM, then this kind of attack would be useless.

To be even fairer, to the point of unfairness, Java may have had vulnerabilities e.g. in executing protected code; but no buffer overflows. In C, every time a pointer is not checked for null before jumping, or an array index is not checked to be within bounds, there is an opportunity for a security vulnerability. I would trade 1000s of vulnerabilities for a handful any time, if it was even feasible to run a kernel in a VM.

In real life a kernel cannot run in a VM because it would need a kernel to run the VM -- or the VM would become the kernel. This is the way of the microkernel, which is slow. Embedding a VM inside another VM has no advantages and only slows things down even more.

On the other hand there is no reason why a kernel cannot be written in an object-oriented, reference-counted language. I have been thinking for a long time that it would be a worthwhile project, but for some reason have not found the time to do it in my spare time. Perhaps Golang would be a worthwhile instrument for the task.

(Log in to post comments)

a kernel cannot run in a VM

Posted Nov 20, 2012 21:46 UTC (Tue) by Wol (guest, #4433) [Link]

That was my immediate reaction.

Sorry to say it, but cyanit doesn't seem to understand the difference between a kernel and a VM.

A VM provides a *virtual* computer so that the programs don't need to give a fig what the real hardware is.

A kernel must interface directly with the hardware and cannot afford to ignore any figs.

Running a kernel in a VM is likely to vanish in a puff of smoke as it gets lost in a mobius loop!

Cheers,
Wol

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds