From: Bakul Shah <bakul@bitblocks.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] A note about new software for Plan 9
Date: Tue, 12 Mar 2013 11:27:07 -0700 [thread overview]
Message-ID: <20130312182707.9DFE7B82A@mail.bitblocks.com> (raw)
In-Reply-To: Your message of "Tue, 12 Mar 2013 10:57:53 EDT." <CAFUtaNFXmgg5dy+23fSKOpP9L9K0c+zYpo17EJZn=9dOcDeziA@mail.gmail.com>
On Tue, 12 Mar 2013 10:57:53 EDT "Joel C. Salomon" <joelcsalomon@gmail.com> wrote:
> On Mon, Mar 11, 2013 at 11:52 PM, Bakul Shah <bakul@bitblocks.com> wrote:
> > To do something similar you will have to constrain each jail
> > to see a subset of processes, give it its own /dev, /env etc.
> > Not sure how you do this.
>
> So long as processes in the jail use /dev, /env, etc., etc., as
> inherited from/shared with their parent processes, this seems doable,
> if tedious: provide a synthetic file system that shows a limited view
> on /dev, /env, etc.
>
> But the child process can always mount #x for various x, and get out of jail.
The question really is, can we virtualize plan9 machines while
staying pretty much within the plan9 framework or by extending
it in a way consistent with its design?
To fully virtualize plan9 you'd have to virtualize kernel
services as well. May be you'd've to dream up a ## service
that mediates access to hosts's #services!
While one VM has no access to resources of another VM, the
parent host or the "hypervisor" does need access to every VM
to manage and connect up their resources as needed (for
instance connect A and B's serial devices to each other).
[Ideally this host is also virtualizable]
And it is more than limiting the view; you may have to
fabricate a new view! In the networkign example I previously
mentioned, we had to provide virtual interfaces of various
kinds for each VM where the corresponding physical interfaces
didn't exist on the host.
You can of course do all this in Qemu/Vbox/VMware etc. but the
runtime cost is much higher. And you need to compile code into
these emulators if you want to simulate new devices. With
plan9 this could be much easier.
next prev parent reply other threads:[~2013-03-12 18:27 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-12 3:17 mycroftiv
2013-03-12 3:52 ` Bakul Shah
2013-03-12 14:57 ` Joel C. Salomon
2013-03-12 14:59 ` erik quanstrom
2013-03-12 18:27 ` Bakul Shah [this message]
-- strict thread matches above, loose matches on Subject: below --
2013-03-13 2:51 mycroftiv
2013-03-12 4:20 mycroftiv
2013-03-12 5:56 ` Bakul Shah
2013-03-12 12:33 ` sl
2013-03-12 1:22 mycroftiv
2013-03-12 1:26 ` erik quanstrom
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130312182707.9DFE7B82A@mail.bitblocks.com \
--to=bakul@bitblocks.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).