|
|
Log in / Subscribe / Register

ELCE11: Sandboxing for automotive Linux

ELCE11: Sandboxing for automotive Linux

Posted Nov 3, 2011 23:00 UTC (Thu) by martinfick (subscriber, #4455)
In reply to: ELCE11: Sandboxing for automotive Linux by jimparis
Parent article: ELCE11: Sandboxing for automotive Linux

> If done right, hardware-level virtualization (ie KVM) should have only minor performance implications, especially on a platform where things like network and file I/O are already quite slow and shouldn't be affected by a small CPU overhead.

I think that is dreaming. OS level virtualization can handle 1000s of guests, do you think KVM "done right" could even handle 100?

to post comments

ELCE11: Sandboxing for automotive Linux

Posted Nov 4, 2011 19:59 UTC (Fri) by jimparis (guest, #38647) [Link]

When you start talking about 100 or 1000 guests, the limiting factors to full virtualization quickly become I/O bandwidth, scheduler pressure, RAM, etc. Virtualizing exactly 1 guest is an entirely different problem, especially if the primary goals are security and trying to mix two dissimilar systems. So yeah, I do think that "KVM done right" is far better for isolating a single Android instance than trying to modify both the host and guest to coexist. That's not to say that OS level virtualization doesn't have its uses.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds