User Mode Linux

langed writes: "It appears that Jeff Dike has supplied a new implementation of the Linux kernel, whereby it is possible to boot a Linux kernel from the command line. This allows you to test a kernel before installing it, or completely partition users off from the main system. Networking appears to be through a slip connection, AFAIK, but this thing shows serious potential for increasing security and for kernel hacking, among many other nifty uses."

Re:How many consoles do I get then?

[drdink]

You can already work on 16 consoles. All you have to do is modify your /etc/inittab file to run more gettys. See the init(8) amdn agetty/mingetty(8) manpages.

Re:Similar to FreeBSD jail()

[drdink]

They may have the same result, but unlike jail() this thing requires you to run a kernel under your kernel. FreeBSD's jail() uses the system kernel. There is no second kernel running under it. You get less of a cpu hit with jail().

Re:The ultimate win/lin compatibility

[G Neric]

by making this not-really-that-funny joke, and moderating it so high, a serious issue is being ignored.

For many people who already have Windows installed, running a linux kerel on top of it would provide an easy path to get the capabilities of linux.

This user-mode linux implementation is not necessarily that easy to port to windows. From what I understand, the way it works is to run the UML kernel the same way a debugger does, with "breakpoints" at all the appropriate spots. These are then thunked to do the right thing.

Great for teaching

[benmhall]

At my school there's a lab full of Celeron's running Linux JUST for an Operating Systems class. They let the users log in as root and recompile the kernel/tear the machine apart and then re-ghost the image every day or two. This sounds like a much nicer way of letting users see how Linux works without doing any damage to the network. What a boon for teaching!

Security compaired to FreeBSD's jail?

[Spoing]

While User Mode Linux [sourceforge.net] and FreeBSD's jail [freebsd.org] have different designs, what are the security differences between the two when used as sandboxes?

From what (little) I know of UML, I'd have to give jail the nod since it's focused on security, uses less overhead per-process (?), as well as having a focused and simple design.

Re:Some idle thoughts

[swinge]

Good post. More idle thoughts.

It enhances a lot of the capabilities you mention, but it's not a panacea. If you ran a batch of them on one machine, they'd be in contention over a number of system resources and would have to block and wait for one another in a way that kernels in the wild do not. I'll bet tests could be developed to detect such a honeypot. Large-scale distributed systems (which would consume some large-scale memory on the single host :) might not behave the same way. For example, the resource locking and blocking might inadvertently clean up race conditions and whatnot.

I'm not saying it wouldn't be a big help in getting closer to solutions of the problems that you suggest, just that it isn't perfect and will present its own set of problems.

Re:BSD Jail - been there done that

[bugg]

I think moderating this down to -1 was a bit extreme. He does have a point, sadly, and his rudeness should be no reason for him not to be heard at all.

Re:Old news

[jellicle]

It must have been reported here before, too.

Care to back that up with a URL?

Wow, now we're to the point that if the Last-modified date on a webpage is older than 20 minutes ago, it must have been reported on slashdot before and therefore slashdot is wrong to post it. Pretty high standards, eh?
--
Michael Sims-michael at slashdot.org

Re:The ultimate win/lin compatibility

[Webmonger]

Actually, I was originally going to post a serious comment. Since I use Windows a lot of the time, Linux-in-windows would actually be very handy for me. Plus, with the right virtual drivers, you'd be able to access devices under Linux that have no Linux drivers.

I understand it's not in the offing yet, but the website lists "A Linux environment for other operating systems" as a potential use.

But still. . . Windows under Linux? Doesn't that defeat the purpose of Linux?

this has been around for quite a while...

[ceswiedler]

At least on the linux-kernel list, discussion of the user-mode port has centered around its usefulness as a tool for debugging kernel code. I haven't heard any suggestions that it actually be used as a production "kernel", or that multiple user-mode kernels run at once. Perhaps that's just because discussion on l-k centers on implementation details. I'll also guarantee that no thought has been put into making a user-mode Linux port for Windows, so you can stop wishing...

Re:How many consoles do I get then?

[drdink]

All that good stuff is part of your keymap. If you redesign a keymap that changes the assignment of the VT switching keys, you're set. For all the kernel is concerned, you can make it ALt+1, Alt+2, or even Shift+Ctrl+X for your X tty.

Good for developers

[jhalme]

Now this sounds very interesting indeed for
software developers working on client/server
systems and embedded Linux systems. No need to
have several physical computers in a network
when one can test applications by running
several separate "computers" on one computer.

How about running a Beowulf cluster on one
physical computer? ;)

On the other hand, AFAIK, this has already been
possible with VMWare, right?

Re:The ultimate win/lin compatibility already exis

[alienmole]

I take your point about the heavyweight-ness of vmware. It does a really good job for my purposes, though: development and targeting to different platforms, as well as installing, testing and running packages I wouldn't necessarily want on my base install. So I like it a lot.

Plus, it's not open source so there's no way to change it to do what I want.

Since it provides a true virtual machine, you can do just about anything you like inside that machine. Unfortunately, it just so happens the particular things you want to do (like run a non-X version of the VMWare tools, or giving it away free) depend on closed source.

I'd like something I could put on a CD so that when I sit down at someone else's machine I could pop it in and launch, with no install. This would be a good way to evangelize linux, and to provide tech support and stuff.

Did you see this in the What it's good for [sourceforge.net] page for user-mode Linux:

A Linux environment for other operating systems

This is more a potential use, since UML only runs on Linux right now. But once it's ported to another OS, it is a completely authentic Linux environment - it will run any Linux executable. This would be an interesting shortcut for an OS vendor looking for Linux binary compatibility.

Time to get hacking? ;) It's a tempting idea!

Re:Old news

[jallen02]

*yawn yawn yawn* I messed up one <BR> tag so freaking sue me. My message is clear enough.

I work and often find myself not really worrying a whole lot about coherently structuring a post to /. when really I am just thanking the editors for their efforts.

When I have something important to say (not often at all on /.) I will make it legible and understandable so that more people will take it seriously.

I do not have time to really complain about other peoples grammatical prowess or lack thereof. I do not have time to degrade and insult people anonymously.

So I thank you for your time however I feel it is largely wasted since I think you were a bit destructive as opposed to being constructive with your criticism.

I also believe that people with your attitude are generally what tend to make people a little peeved with the attitudes going around here. Go ahead look over my userinfo it seems you have plenty of time to do so. Look at my posts, you will see that whenever I choose to reply lucidly I do so, otherwise I am myself and I try not to contirbute to much to noise here.

So please please before you negatively treat people like this ask yourself if it is you are really accomplishing.

Jeremy

Re:Old news

[jallen02]

Hehhhehe you guys are getting testier as time goes by ehh? :)

Can't say I blame you, I complained like once or twice when I first got here but now ive dealt with handling spammers on a few sites I wrote, and ive seen how utterly pointless it is to constantly chastise you guys for this (it gets so old seeing the same thing differently worded every article and then being modded up?) R
Moderators? Dont you EVER get tired of moderating up the same redundant crap??

I know I never get modded very high because I tend to be contrary to how a lot of people think here, I dont mind MS, I think /. does a pretty good job with their site, I like BSD, not Linux, I dont like perl *poke /. folks think we could have a php port ;)? (kidding!! :)* etc. etc., but anyways I just feel compelled to counter act some of the negative shit people post.

(And no this is not sucking up anyone who feels like flaming or what not, I could give a care since in about 10 minutes im not reading /. until tommorow), anyways you guys do good work and despite the fact that some people probably know about every source forge project in existence, this is something interesting and worthwhile.

Hmmn.. my main point is.. you guys do good work and even if I occasionally disagree (everyone does), I dont think its worth it to say the same thing everyone else does and further piss you guys off, so I say good job :)

Now go ahead moderate me into oblivian, see if I care, I read at -1 and dont really care for the moderation system :) thats why you have the option of reading /. how you want :).

Maybe more people should loosen their sphincters a little and focus on the overall good of /. instead of complaning about the 2% of it that bothers you?

To, whom every this applies :P

Jeremy

Re:The ultimate win/lin compatibility already exis

[Ed Avis]

It might be possible to re-link a Linux binary against the Cygwin libraries instead of glibc, and then run it. Like how Wine links Windows binaries against its own implementation of Win32 - I think. I'm not a binutils guru, so could someone say whether this would be possible?

Kernel Debugging

[Laxitive]

This is so schweet. I've heard that you can debug solaris kernel while you're running under it. I bet this kind of thing in Linux offers many possibilities for seeing exactly what's going on inside the black box when something goes wrong. Too nifty.

-Laxitive
(Yes, I do know it's spelled wrong)

Re:Similar to FreeBSD jail()

[orange7]

No, it's not that Linux is "getting" such a capability. It's been around for a while. Just slashdot rehashing ancient news again =/.

Andrew

Re:Get your mainframe!! Mainframes here!!

[simong]

There's something similar already: UK company DSVR [dsvr.co.uk] sell virtual servers that are effectively multiple standalone 300Mb Linux boxen on a 500Mhz PC host. They've also made the technology available through the GPL at www.freevsd.org. [freevsd.org]

Re:How many consoles do I get then?

[mirwor]

I don't have those manpages handy at the moment... but I would like to know if it is possible to put the shortcuts to the consoles somewhere else then the function keys. I am sure that this is possible..the question is more...can I put that shortcuts to my keypad on the right in the way that I type alt + 3 for console 3 and alt + 14 for console 14. Not that I need that...just thought it would be fun. ;)

Re:Old news

[stevey]

I believe it has quite a high version number, and the diary page on the web site goes back to February of this year.

While I've heard of this for a while now, (not sure how long - but I've seen it on Kernel-Traffic), its good that this is covered now, why?

Because too often we get stories covered here, about software that is verson .0.01, or are under planning stages.

This is different; because to somebody who hasn't heard about it theres a nice suprize .. they can actually download this and play with it .. without too much hassle. Which is a good thing.

Steve
---

Re:BSD Jail - been there done that

[Anonymous Coward]

Anyone else get a little flushed and sweaty at the mention of 'man jail'?

Thought so.

Machines in machines rock...

[B747SP]

Pretty awesome stuff. VMWare [vmware.com] is a really good commercial one - though VMWare goes the whole hog, with a full virtual machine with access to hardware and everything. Still, being able to boot multiple instances of the one OS on any one machine is a real plus.

At my work, we have a choice of NT, NT, or NT - and it's not native hackable NT either, it's a bizarre mod on NT done by some systems group. I run Red Hat on my PC, then the obligatory corporate NT builde in a VMWare virtual machine. Handed it to the NT drones one day and said "what's wrong with this?" with the NT machine full-screen. They couldn't tell, said it was just fine.

Stuff like this really comes into it's own when you can run multiple 'machines' on one, get a whole multi-OS test lab happening on one box. User-land linux rocks - a great step in the right direction!

Used for different reasons

[ink]

This sounds very similar to the FreeBSD jail() capability which is a very nice feature. Sounds good that linux may be getting a similar capability.

You may be able to use them for the same purpose, but they really are different beasts. BSD's jail() doesn't require/use a second kernel -- so it's usless for playing with alternate or development kernels. Userland Linux, on the other hand, will be slower but will allow you to play with different kernels. I imagine that kernel developers will use the userland Linux more than your average BSD jail() user does, because BSD people use it for security reasons instead.

I'm curious about the SMP capabilities of this thing; can you emulate multiple processors to debug re-entrant code?

The wheel is turning but the hamster is dead.

Re:Get your mainframe!! Mainframes here!!

[julesh]

As a DSVR client, I must say that their service is very good, except for a couple of problems: - software that attempts to bind sockets to IPADDR_ANY can get confused by their system and have conflict with the other virtual servers on their machine. I have this trouble with mysql, which just about everyone runs there; either you have to turn off networking or use a non-standard port. - you don't get a proper root account, and a lot of things don't work properly (eg admin can't access other users' files without relevant permissions). A service using the user mode kernel would (imho) be significantly better. But then the DSVR approach is lower cost (in terms of CPU time) and sufficient for almost all uses.

The ultimate win/lin compatibility already exists!

[alienmole]

For many people who already have Windows installed, running a linux kerel on top of it would provide an easy path to get the capabilities of linux.

You can already run Linux on Windows, using VMWare [vmware.com]. I'm running Linux on WinNT4 right now. You can download an eval [vmware.com]. They have a $99 hobbyist price, too.

Also, Cygwin [cygwin.com] provides a good implementation of the GNU tools on Windows, which lets you run GCC and compile and run lots of open source stuff.

Re:Great!

[alienmole]

if the virtual x86 has access to disk hardware, or net hardware with NFS, then hacked daemons could do real damage to the VM host.

VMWare [vmware.com] (see my other reply [slashdot.org] to you) virtualizes the disk and network too. The host disk is completely safe (as far as I can tell.) A hacked daemon could access the network, but if you're that concerned, you can disable networking in the VM.

Re:Old news

[jallen02]

Okay okay.

I realize it is a bit (assumptive?) of me to say what I did, but I am going to point out just a couple of things that I don't believe make me better or more impotant than anyone else here..

I only use my +1 bonus by accident when I forget to even check it.

Since I dont really agree with nor care about Karma, I read articles at -1 Threaded, Oldest First. That is my personal preference nothing more nothing less. But I also have noticed that you really do miss something if you decide to read score:2 and up. Score:2 and up is the suggested way to read an article by some folks around here I believe. Also reading at -1 Threaded, Oldest first does NOT relate to disliking Karma either. That is just my personal preference.

I really really am not complaning about not getting moderated really, it does not matter to me. I agree it is assumptive of me to say because of my contrary thinking/posting and also understand where your original line of posting came from and apologize for saying you were degrading me. I still do believe your approach could have been more constructive but I respond kindly to anything except real obvious trolls. Thanks for posting your email, I realize a lot of people do not really mind AC posting but I do appreciate the fact that you posted your email :)

Also I openly admit if I do not sit down and think about what I am fixing to say my mind skips and it really does come out an incoherent jumble that you probably have to read a couple of times to understand, whereas someone else probably says it better and they get moderated. I am aware of that and it does not bother me. I just think harboring certain opinons around here can cause you moderation/meta mod grief.

I have seen moderators with agendas moderate my posts, that always peeves me especially when it happens to me (yes it DOES happen, maybe not as often as I depicted but it does occur)

Hehe

I think I have found one of your pet peeves on /. :)

Jeremy

P.S. I hated both college english courses I have taken and I barely survived them even realizing the importance of having a good command of the language. Learning english just really preturbs me :)

Re:Security and GPL Considerations Of User Mode Li

[jdike]

A more troubling question is how much of "User Mode Linux" can be run entirely independent of root. Even creating a new SLIP device for the virtualized OS requires non-user priviledges, so the best case scenario remains that an attacker, knowing they're behind a false root, attempts to corrupt or attack the parent kernel by feeding bad bytes down the network interface.

Everything except access to the host networking can be done as non-root. At this point, setting up networking requires a suid helper. After the network is setup, everything is non-privileged.

Jeff

Re:Old news

[jallen02]

BTW, I think your human so its alright :)

(Who knows.. space aliens could be using /. hehehe)

Jeremy

Why not adding it to Mozilla?

[Anonymous Coward]

Yes, by adding the user mode kernel to our Web browser we have a very secure system with a sand box and a very, very, very most faster and versatile distributed environement than Java Applets, don't you think?. Platform independence could be reached just transmiting the source code, not the binary one, (Gtk++ C source code for example) and compiling inside sand box bounds.

Re:Some idle thoughts

[ameoba]

Isn't the GPL infectious enough for you?

Userspace HURD

[karlm]

What I'd really like to see is a userspace HURD running on the Linux kernel.

As it stands, if I want to keep HURD out of my hardware, I need to set up Debian Linux inside VMWare, then use that Debian installation to install HURD inside the VMWare session. A userspace HURD would also require less time to boot than booting through a VMWare session.

Karl

I'm a slacker? You're the one who waited until now to just sit arround.

User Mode...

[comcn]

Hey, doesn't that mean that Users will be able to cope with Linux? I mean, most SysAdmins have to switch to `User Mode' to explain things to the lusers...

Great!

[pb]

I've been interested in this project for a while now, and it looks like (according to the TODO list) they've fixed a lot of gotchas, and now it's time to hammer out the bugs and optimize.

However, I still like the idea of running a virtual x86 machine better, for the OS compatibility. Running a virtualized Linux would be cool for security, (run sendmail and wuftpd and whatnot on top of that; if someone hacks it, just kill and respawn :) and of course development, but that's about it.
---
pb Reply or e-mail; don't vaguely moderate [ncsu.edu].

Get your mainframe!! Mainframes here!!

[qnonsense]

User mode Linux == Mainframe-like functionality?

Isn't this sort of thing that the S390s do? So couldn't we now start running mad-crazy numbers of VMs on straight up PC hardware? So if I were an ISP, I could give each of my clients their own host, yes?

Fun stuff!

The ultimate win/lin compatibility

[Webmonger]

Forget WINE. The ultimate windows/linux compatibility is running a linux kernel under Windows! All the stability of Windows and all the Gui goodness of Linux!
Think on it.

Think on it and tremble. . .

Nice Stuff

[discore]

Although the majority of this programs abilities can be performed by simply not breaking things as root, I find that the ability to test a new kernel is quite a nice feature. I haven't used it yet, just read the overview of it, so I could be a little wrong.
It also seems like a project that was long in the making. I can't tell if it is old news.. but regardless it looks established.

Uses

[xant]

There are uses for this. Step outside the sysadmin box for a minute and think about it as a powerful development tool, and not just for KERNEL developers, either. The ability to run a kernel in usermode allows you to:

1. - Boot up a whole new DISTRO - never mind a new kernel - in a safe environment, simply by installing it in a subdirectory of /. Projects like
2. Repairlix [sourceforge.net] could use this during development to avoid having to burn the cd, install it on a clean system, reboot to that system (or worse, have a whole 'nother computer for it).

1. - Give developers of drivers and network interfaces something to debug. When your code is likely to crash the whole system, it's crucial that you be able to place your debugger OUTSIDE the system.

1. - Give developers of ALL kinds of systems the ability to see the effects of their installer, compilation system, package management, etc. on different kernels and environments quickly. Want to see if your program runs on 2.0.* Linux? Boot the sucker up. (AFAIK the UML stuff is ported to particular kernels, so I guess you couldn't pick ANY kernel you wanted. Maybe when it comes of age a bit more. . .)

--

linux as a microkernel

[Z4rd0Z]

Maybe someone could create a linux kernel that has only the bare minimum of services to boot with, then one (or more) of these could boot on top of it in user space, and then you have a microkernel style linux OS. Just an idea.

Re:this has been around for quite a while...

[jdike]

I'll also guarantee that no thought has been put into making a user-mode Linux port for Windows, so you can stop wishing...

Actually people have thought about it. No one has coughed up any actual code, though.

Jeff

Some idle thoughts

[jd]

• A user-land kernel would make a great honeypot as it would be indistinguishable from a "real" system.
• It would allow you to test large-scale distributed software -WITHOUT- a large-scale distributed setup.
• As with car mechanics, it would allow you to see the engine running, without being in the car.
• It offers more profiling possibilities (as your profiler won't be changing the state of the kernel by the act of running).
• The first one to port the entire Linux kernel to a Word Macro wins the "Gross, Sick and Disgusting, but very Impressive Hack" Award.

cygwin port

[joshv]

Would it be possible/desirable to port this to cygwin? Then I could boot a linux kernel under NT. Not sure if this makes sense but then it seems this would give me binary compatibility with Linux executables.

-josh

Re:The ultimate win/lin compatibility already exis

[G Neric]

Thanks for the suggestions, though they don't get me what I'm imagining user-mode linux would. BTW, since VMWare also runs on linux, by your logic you could equally suggest that user-mode linux is not necessary at all.

I run VMWare but it's not as lightweight as I'm picturing user-mode linux. Plus, it's not open source so there's no way to change it to do what I want. I'd like something I could put on a CD so that when I sit down at someone else's machine I could pop it in and launch, with no install. This would be a good way to evangelize linux, and to provide tech support and stuff.

I also use Cygwin a lot and I'm very happy with it. However, it does not have binary compatibility. I'd like to be able to use RPMs and whatnot without thinking about it. BTW, I also don't like the direction Cyg-tools has been going: toward separate Unix-within-Windows and away from integrated-Unix-view-of-Windows. I like to use those tools to make NT palatable, not to hide NT which is not always an option.

Good for webhosting

[nconway]

This was mentioned on the mod_perl mailing list, and I agree. The idea is to use this like IBM's virtual machines on an S/390 to separate webhosting boxen into 1 'machine' per client. Some cool + fast technologies (like mod_perl) can crash Apache if written poorly. This is obviously a problem for webhosting companies. With user-mode Linux, you could separate each client from one another, and all the clients from the actual kernel.

This probably wouldn't be necessary for most clients (doing static content, CGIs, etc). It could be offerred as a 'premium package', or whatever. So all the static content + CGI stuff could run in 1 kernel, and you could give each premium client their own kernel to play with. The efficiency problems would probably be offset by the big speed boost mod_perl and similar apps give you (after all, that's why they need to be so closely integrated with Apache). Plus, if these people are willing to pay extra for a `premium' package, you can probably afford to buy a couple big Sun boxen to host them on.

Re:Great!

[G Neric]

yup, but VMWare is a heavyweight and you really couldn't consider using it to isolate a bunch of daemons each in their own kernelspace. Also, it is too GUI and not designed for starting and stopping remotely or automatically. One thing that really burns me about it is if you run linux in it, you need to launch XWindows in order to run the VMWare tools. And because it's not open source, I can't...

Re:Some idle thoughts

[Black Parrot]

> Isn't the GPL infectious enough for you?

Actually, I don't think of it as being viral. I have lots of GPL and non-GPL stuff together on my disk, and the non-GPL stuff never seems to get infected.

Rather, I think of the GPL as inductive, in the sense familiar to computer scientists. I.e., if x is GPL'd, then successor(x) is also GPL'd.

--

Re:Some idle thoughts

[Black Parrot]

> The first one to port the entire Linux kernel to a Word Macro wins the "Gross, Sick and Disgusting, but very Impressive Hack" Award.

Then we release it as a virus.

--

mklinux can do this

[proj_2501]

I've done this with mkLinux [mklinux.org]. There are instructions on how to do this in the Interactive FAQ (which is probably linked from that page.). Just make sure both kernels have their own root filesystems! Otherwise you can hose everything pretty easily.
--

Interestingly enough

[drinkypoo]

Scyld [scyld.com] (you know, beowulf? A top news item today?) have a package on their site called Two Kernel Monte [scyld.com] (by Erik Hendriks [mailto] which says the following:

Two Kernel Monte is a kernel module which allows Linux to load another kernel image into RAM and restart the machine from that kernel. The loader supports initial ram disks and passing arbitrary kernel command line parameters to the new kernel. This version supports Linux 2.2.x and Linux 2.3.x.

Not quite the same thing, but related and interesting.

Re:Some idle thoughts

[hautis]

I always thought it'd be nice if Linux was ported to Java virtual machine.

I've also thought it'd be nice to have a good assembler and, say, egcs toolchain for JVM.. so people could write applets and stuff without having to learn all that JavaBlahBlahFsckingCrap.

Re:BSD Jail - been there done that

[bugg]

Sure, UM Linux is not something that's for security advancement, but rather for people who want a partially isolated kernel development enviornment.

Readers of slashdot (i.e. ignorant masses) took it as something for creating honeypots, secure isolated servers, etc. Having brought that up, it _then_ becomes fair game to bring up jail(2)

Re:Some idle thoughts

[cburley]

Rather, I think of the GPL as inductive, in the sense familiar to computer scientists. I.e., if x is GPL'd, then successor(x) is also GPL'd.

That gets my vote as "coolest explanation of the GPL's nature of the millenium".

Seriously, where were you when we were fighting about these things on gnu.misc.discuss back in the early '90s? I think everyone (thoughtful ones anyway) would really have appreciated that characterization!

Even more seriously, think of turning that into your .sig or something...I'm going to try to commit it to memory.

Re:The ultimate win/lin compatibility

[YellowSubRoutine]

Are you sure it was dope you took, and not washing pouder?

How many consoles do I get then?

[mirwor]

So will I be able to work on 16 consoles in parallel?? That'll increase my productivity a lot..very cool.

Re:Old news

[Taurine]

Yes, this has been available for months. It must have been reported here before, too. News seems stuck in an infinite loop recently on /. Back in the day this didn't happen very often, and the actual number of front-page stories wasn't lower, so what could be the cause? Is there a drop in the quality of the story queue, or of the attention of the editors? In this case, how could the submittor have failed to notice that this wasn't new? I believe it has quite a high version number, and the diary page on the web site goes back to February of this year. And this thing is often mentioned in the most consumable version of the kernel mailing list, Kernel Traffic.

Serious Scrutiny?

[InfoSec]

Doesn't this sort of application really not have much of a real world use? The trying out of a new kernel is okay, but you should be doing that on non-production machines anyhow. And as for cracker protection, chroot works better than usermode linux IMHO. I can see the development testing as being somewhat benficial, but that doesn't really test out the whole kernel does it? The only way to be sure that a kernel truly works is to boot it. These opinions are my own, and not those of my alternate personalities. As such, any litigation should be directed at me sdalj; NOT ME; lkasdlf The dogs told me to do it.
Deven Phillips, CISSP
Network Architect
Viata Online, Inc.

Re:Similar to FreeBSD jail()

[chris.bitmead]

Do they make an export version of FreeBSD with a
gaol() system call?

Re:This must be why 2.4 is delayed

[titus-g]

Wot it protected you from evil spirits?, improved your health? love life?

Now that's an upgrade :)

SILK

[barries]

A fellow named Malcolm Beatty is/was working on a project called SILK (Simultaneuos Instances of the Linux Kernel or some such). Haven't heard anything about it in a long while though. - Barrie

Re:linux as a microkernel

[Adnans]

Size has nothing to do with being a microkernel. The architecture of the kernel makes it a micro or monolithic kernel; basically wether it does message passing or not.

Security and GPL Considerations Of User Mode Linux

[Effugas]

I've actually been talking up User Mode Linux since I first heard about it some time ago. The project's goal is essentially to re-implement Linux in its own system call interfaces, so the entire operating system can be executed as Just Another Application.

It's actually pretty cool code, and it has some pretty interesting implications as time goes on.

Among other things, it's actually a surprisingly good hack for making IPSec on Linux rather more usable. It's pretty obvious that IPSec code belongs in the kernel(after all, it's built off of IP, which *is* kernel code), but the difficulty and potential instablitity of IPSec, when it's not exactly a critical application for many users, precludes the deployment of the code. User mode Linux, with a stripped down FreeSWAN distribution, could give a much less risky and far simpler method for users and administrators to test and perhaps even deploy simple IPSec endpoints.

IPSec may become only marginally more awkward to experiment with than SSH.

Of course, this would require raw access to the network interface--not something generally given user level processes. That illustrates the #1 caveat of User Mode Linux--if the environment runs as root under the parent kernel, the child kernel doesn't particularly lose those root permissions. Granted, control over the operating environment can be much, much finer grained per virtual OS instantiation. But if that environment is broken, the attacker gains all capabilities of the user parent. When the user parent is root...sure, there's a layer of obfuscation, but that's about it.

Of course, if I was attacking a machine, I wouldn't particularly expect that the machine I had taken over was just a temporarily instantiated OS image.

A more troubling question is how much of "User Mode Linux" can be run entirely independent of root. Even creating a new SLIP device for the virtualized OS requires non-user priviledges, so the best case scenario remains that an attacker, knowing they're behind a false root, attempts to corrupt or attack the parent kernel by feeding bad bytes down the network interface. Luckily, that's generally a pretty untrusted interface--and even better, there's absolutely nothing that says you have to give the client a direct network link(slirp, once again, comes in incredibly useful.)

Interestingly enough, User Mode Linux (as noted on the page) will probably eventually be used to port Linux apps en masse to alternate platforms that implement the Linux System Call APIs. lxrun *does* this on Solaris to some degree; this does mean that sometime down the line, Linux IPSec code may function on a non-free OS.

This really shouldn't be a big deal, with everything GPL and open--but RMS and Becker have made some pretty loud noises about kernel functionality being intrinsically separated from the intent of the GPL. User Mode Linux reduces the entire kernel to Just Another Application, no different than anything else. This is, in a technical sense, a beautiful, fascinating example of encapsulation--one that could never have come about without the openness that the GPL grants.

I'd keep an eye on User Mode Linux if I were you. This is among the most interesting work being done with the OS, period.

Yours Truly,

Dan Kaminsky
DoxPara Research
http://www.doxpara.com

Re:Great!

[G Neric]

basically a good idea, but it's harder than that because you've got to virtualize more than x86: if the virtual x86 has access to disk hardware, or net hardware with NFS, then hacked daemons could do real damage to the VM host.

Re:Get your mainframe!! Mainframes here!!

[richdawe]

User mode Linux == Mainframe-like functionality?

Isn't this sort of thing that the S390s do? So couldn't we now start running mad-crazy numbers of VMs on straight up PC hardware? So if I were an ISP, I could give each of my clients their own host, yes?

IIRC S390s are designed to support VMs in hardware - they have special instructions. It's likely that there will be a larger performance hit running multiple user-mode Linuces on PC hardware than running multiple "normal" Linuces on an S390.

Anyway, can't you effectively give all your clients their own host by using chroot'd servers and virtual hosting? Probably better than running n virtual copies of Linux!

Fun stuff!

Aye, it certainly is.

Similar to FreeBSD jail()

[lomion]

This sounds very similar to the FreeBSD jail() capability which is a very nice feature. Sounds good that linux may be getting a similar capability.

Re:Get your mainframe!! Mainframes here!!

[Nicolas MONNET]

It's sooo much better than chroot! There's no getting out from that box! And chroot has some limitations, such as only one filesystem.

--