Thread: Qubes?
#3
12th April 2010
J65nko
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,593

Nothing new, just a copy of the design principles of the VM/CMS operating system for IBM mainframes. From
The heart of the VM architecture is a control program or hypervisor called VM-CP (usually: CP; sometimes, ambiguously: VM). It runs on the physical hardware, and creates the virtual machine environment. VM-CP provides full virtualization of the physical machine – including all I/O and other privileged operations. It performs the system's resource-sharing, including device management, dispatching, virtual storage management, and other traditional operating system tasks. Each VM user is provided with a separate virtual machine having its own address space, virtual devices, etc., and which is capable of running any software that could be run on a stand-alone machine.
Running within each virtual machine is another, "guest" operating system. This might be:
  • CMS ("Conversational Monitor System", renamed from the "Cambridge Monitor System" of CP/CMS). Its official name is VM-CMS (confusing, since VM is commonly called VM/CMS). Most virtual machines run CMS, a lightweight, single-user operating system. Its interactive environment is comparable to that of a single-user PC, including a file system, programming services, device access, and command-line processing. (While an earlier version of CMS was uncharitably described as "CP/M on a mainframe", the comparison is an anachronism; the author of CP/M, Gary Kildall, was an experienced CMS user.)
  • A mainstream operating system. IBM's mainstream operating systems (i.e. the OS or DOS families) can be loaded and run without modification. The VM hypervisor treats guest operating systems as application programs with exceptional privileges - it prevents them from using privileged instructions (those which would let applications take over the whole system or significant parts of it), but simulates privileged instructions on their behalf. Most mainframe operating systems terminate a normal application which tries to usurp the operating system's privileges.

  • Another copy of VM. A "second level" instance of VM can be fully-virtualized inside a virtual machine. This is how VM development and testing is done. (A "second-level" VM can potentially implement a different virtualization of the hardware. This technique was used to develop S/370 software before S/370 hardware was available, and it has continued to play a role in new hardware development at IBM. The literature cites practical examples of virtualization five levels deep.) Levels of VM below the top are also treated as applications but with exceptional privileges.
  • A copy of the mainframe version of AIX or Linux. In the mainframe environment, these operating systems often run under VM, and are handled like other guest operating systems. (They can also run as 'native' operating systems on the bare hardware.)
Theo de Raadt has expressed the view that he does not understand how people can believe that whole armies of programmers, who have been struggling to write secure operating systems and applications for decades, suddenly are capable of writing secure virtualization software.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump