> With IOMMU virtualization like Intel's VT-d one can run a toy OS against a single piece of real hardware like a network card while the rest will be provided by a hypervisor.

Absolutely, but given that the Hurd does not currently have any USB support (at least it did not have it toward the end of 2012, even though I think that a USB DDEKit is also being worked on by the Minix folks), the IOMMU support for something like Hurd or Minix seems unlikely.

> That can bear very useful results like isolation of increasingly complex network drivers and protocols behind a hardened special-purpose OS. This reduces the attack surface against other software running in the hypervisor.

Yeah, I still think that if you took some of the ideas/goals from the Hurd and tried to implement them on top of the Linux kernel they would have gotten much further along, but then you would have had to compromise. These days there are plenty of userspace driver infrastructure bits in the Linux kernel. I cannot imagine that the theoretical advantage of the Hurd microkernel design will even pay off, because most of the interesting bits can likely be done with the Linux kernel, and no one should care about the boring driver bits, but rather about the cool stuff.