Linux Kernel to Include KVM Virtualization

It looks like the newest version of the Linux kernel (2.6.20) will include KVM, the relatively new virtualization environment. From the article: "Thanks to its approach KVM already runs in the current kernel, without any extensive bouts of patching and compiling being required, after the fairly simple compilation of a module. Virtual machines that run unmodified operating systems are meant to appear in the host as a simple process and work independently of the host kernel. In a fashion comparable to that of Xen a modified QEMU is used for the supportive emulation of typical PC components of the virtual machines."

Re:how many KVMs

[should_be_linear]

All three-letter acronyms are recycled many times already but it will not stop future projects/organizations to recycle them once more.

Only up to date processors? How up to date?

[Viol8]

It mentions some code names but I'm not au fait with Intel or AMD code names. How long have these functions been in CPUs? Will my P4 support it or is it only the latest core duos and so forth?

Re:KVM switch?

[Anonymous Coward]

> there I was thinking that my Belkin KVM switch was finally gonna work properly
> (I have two mice connected as the switch cannot switch the mice correctly)

Keyboard and mouse data comes in packets of about 3 or 4 bytes. If a KVM switch toggles mid-packet the PC and/or the peripheral may get badly confused. A well-designed KVM product will get this right, but many don't; it looks like your Belkin product falls into this category.

KVM swithces also vary enormously in their video quality. It is a mistake to think of a KVM switch as a "commodity" device. It is well worth spending a bit extra to get a well-designed product. You're unlikely to have any problems with Adder or Avocent kit.

I hope Windows can't access the hardware.

[Viol8]

If you it gives another OS *full* access to everything then you'd be just as vulnerable to viruses , worms etc as if you were running that OS natively and you could well find your linux filesystem hosed. Hopefully guest OSes will be in a sandbox or at the very least only allowed to directly access specific user defined hardware resources. If not then I certainly won't be taking advantage of this system anytime soon.

Re:qemu

[Anonymous Coward]

VMware is closed-source proprietary product. Please use qemu/kqemu and help kill VMWare instead.

kqemu is also a closed-source proprietary product.

Re:Not everything, just video

[Schraegstrichpunkt]

One of the main barriers to Linux adoptoin is the fact that you can't ru Windows games in Linux, unless you reboot into windows. If LVM / Xen / QEMU / VMWare started realizing this and made video driver performance a priority, they could have a real market leader on their hands.

If the full interface documentation for recent Nvidia and ATI video cards was released, and GPL-compatible drivers existed, this would probably already be in the works.

Re:Not everything, just video

[Anonymous Coward]

Er. No, it's not secure. We're just lucky that most leet haxors (that we know about...) are really just script kiddies without the technical know-how to do the fancier stuff. A malicious program running on your GPU or other expansion card has privileged access to your physical memory.

The PC architecture (and I use the term loosely...) simply doesn't have proper memory protected I/O "channels" like mainframe I/O. (I dunno about PCI Express, since it's a cut-down channel architecture, maybe it, maybe in conjunction with an AMD-syle x86_64 IOMMU, could properly memprotect all thos noncpu processors modern PeeCees tend to have).

Re:qemu

[Shawn is an Asshole]

Why does it matter if you're running a proprietary OS in a proprietary VM? If you're concerned about only using free software, why bother with the proprietary OS? If you're wanting to virtualize Free operating systems, use Xen. It rocks.

Re:Not everything, just video

[Alioth]

Games is not the main barrier to adoption. The home desktop is low price, low margin cut-throat business. Why would VMware, XenSource etc. want to go after a market which will be difficult to support, and not provide them with the money they need to keep going? The corporate market (particularly servers) is far larger and far more important for them - so don't expect video drivers to ever be a priority.

Re:Not everything, just video

[Mad Merlin]

Games may be an inhibitor for Linux adoption in the home market, but Xen/QEmu/KVM/VMWare aren't aimed at the home market at all. When you consider the fact that what you want is most definitely not a simple task, you may understand why nobody has done it yet.

Re:Not everything, just video

[Viol8]

"a crashing X session won't bring your whole machine down."

If it locks up the video sub system it can make the machine unusable except via a net or dumb terminal connection , which could mean the machine needs a reboot. Not good in a business enviroment.

Re:I hope Windows can't access the hardware.

[LarsG]

How in the WORLD does access to the video, sound, or any other daughterboard grant access for a virus?

If you don't know, please leave your geek-card at the door on your way out.

Short answer - DMA. [wikipedia.org]

Long answer - memory protection between processes (and in this case guest OSes) is done by the MMU, making sure that process A can't read/write to memory owned by process B (or in this case guest OS and host OS). Unfortunately, the memory space seen by devices on extention buses like PCI is not mapped by the MMU. If a process has direct access to a device that supports DMA, it can tell the device to read or write memory that belongs to other processes (f.ex. order the sound card to read the sound buffer from kernel space. The process can then read the sound buffer to get access to kernel memory).

To safely allow a process (or guest OS) direct access to hardware devices, the hardware architecture and OS needs to be designed so that a DMA from the hardware device can only access memory owned by the process that ordered the DMA.

What is the big deal?

[jlbprof]

I understand we are talking about virtual machines that is multiple OS's running on the same machine simultaneously.

My question is: what does that offer me? Other then possibly running a linux and XP on my home machine what could that possibly offer anyone?

Thanx

Julian