Comment by legulere - Hacker Neue

legulere Apr 28, 2017 parent

With all the bugs in hardware emulation, wouldn't it make sense to emulate the linux kernel a la bash for windows instead of running the linux kernel on emulated hardware?

btbuilder Apr 28, 2017

Sounds like you are describing containers; while not emulation neither is virtualization. There are many more opportunities for escape dealing with Linux containers than virtualization due to the increased complexity of the interface.

While I'm impressed by the work Microsoft have done to support the Linux kernel interfaces I would imagine the complexity of the effort to implement correct behavior from Windows kernel primitives would lead to more potential security vulnerabilities.

Another comparison might be Linux syscall support within illumos[1] which AFAIK relies on mature Solaris Zones for isolation.

[1] https://www.slideshare.net/bcantrill/illumos-lx

danieldk Apr 28, 2017

Sounds like you are describing containers; while not emulation neither is virtualization.

Another possibility would be User-mode Linux (UML), in contrast to containers, it gives each 'virtual machine' its own Linux kernel, where the Linux kernel runs as another Linux program.

pmiller2 Apr 28, 2017

Not always. Suppose you are writing a stand-alone kernel, for instance. That's much easier to debug in a VM than on real hardware.

This item has no comments currently.