From mboxrd@z Thu Jan 1 00:00:00 1970
From: Skip Tavakkolian
Date: Wed, 2 May 2018 19:19:43 +0000
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: [9fans] gVisor - user space kernel in Go

Just saw this today; might be of interest to some 9fans. Apache open source
from Google:

https://github.com/google/gvisor

From mboxrd@z Thu Jan 1 00:00:00 1970
From: yy
Date: Thu, 3 May 2018 13:41:27 +0200
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] gVisor - user space kernel in Go

Maybe one of the most interesting aspects is that it includes a 9P2000.L
implementation: https://github.com/google/gvisor/tree/master/pkg/p9

On 2 May 2018 at 21:19, Skip Tavakkolian wrote:
> Just saw this today; might be of interest to some 9fans. Apache open source
> from Google:
>
> https://github.com/google/gvisor

--
- yiyus || JGL .

From mboxrd@z Thu Jan 1 00:00:00 1970
From: hiro <23hiro@gmail.com>
Date: Thu, 3 May 2018 18:01:09 +0200
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] gVisor - user space kernel in Go

agreed. perhaps there are more gems :)

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Aram Hăvărneanu
Date: Thu, 3 May 2018 19:55:10 +0200
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] gVisor - user space kernel in Go

Looks pretty portable, the only Linux-specific things seem to be
non-essential sandboxing stuff, e.g. seccomp, and the only
Unix-specific dependency is on ptrace. Should not be too hard to make
it into linuxemu on Plan 9.

--
Aram Hăvărneanu

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Skip Tavakkolian
Date: Thu, 3 May 2018 18:55:02 +0000
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] gVisor - user space kernel in Go

Thanks! I was hoping to get confirmation of this. I had a similar thought
based on my layman's understanding of it.

On Thu, May 3, 2018 at 10:55 AM Aram Hăvărneanu wrote:
> Looks pretty portable, the only Linux-specific things seem to be
> non-essential sandboxing stuff, e.g. seccomp, and the only
> Unix-specific dependency is on ptrace. Should not be too hard to make
> it into linuxemu on Plan 9.
>
> --
> Aram Hăvărneanu

From mboxrd@z Thu Jan 1 00:00:00 1970
From: Bakul Shah
Date: Thu, 3 May 2018 14:26:32 -0700
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] gVisor - user space kernel in Go

On Wed, 02 May 2018 19:19:43 -0000 Skip Tavakkolian wrote:
>
> Just saw this today; might be of interest to some 9fans. Apache open source
> from Google:
>
> https://github.com/google/gvisor

Unix emulation on microkernels looks a bit like this.

Quick comparison:

jails   each jail has its own kernel context. The host kernel
        needs support for this. Apps run unchanged.
        containers & zones are variations on this.

VMs     a proxy emulates a processor and assorted IO devices.
        very fast if the host and guest instruction sets are
        very similar. The host doesn't know about emulation
        or care. Apps run unchanged.

gvisor  a proxy emulates an OS API by intercepting all syscalls.
        Very few host facilities are needed. Apps may have to
        be linked with the right library.

In a capabilities based system you don't need most of this and
can still achieve better security and isolation. What a
process can access is constrained by the capabilities it holds
or can gain via calls on existing caps. API interception as
with gvisor can be done naturally: a process would be given
proxy caps to start with.

plan9 more or less used file descriptors in this fashion. It
also provided better higher level composition by attempting to
cast many things as files/dirs/filesystems. Even here I think
a cap system can be used to build better &/or more convenient
abstractions.
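
The "proxy caps" idea from the last message, as an added Go example that is not part of the thread and not gVisor code: a process is handed a proxy capability that intercepts every call and narrows what the underlying capability allows. The names Cap, storeCap, proxyCap and untrusted are hypothetical, and the file names and contents are constructed sample data.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Cap is a hypothetical capability: calling it is the only way to reach a resource.
type Cap func(op, name, data string) (string, error)
var ErrDenied = errors.New("operation not permitted by this capability")

// storeCap grants full authority over m (constructed data; names are opaque keys).
func storeCap(m map[string]string) Cap {
	return func(op, name, data string) (string, error) {
		if op == "write" {
			m[name] = data
		} else if _, ok := m[name]; !ok || op != "read" {
			return "", errors.New("no such file or operation")
		}
		return m[name], nil
	}
}

// proxyCap records every call, then forwards only names under prefix, and only "read" when readOnly.
func proxyCap(inner Cap, prefix string, readOnly bool, trace *[]string) Cap {
	return func(op, name, data string) (string, error) {
		*trace = append(*trace, op+" "+name)
		if !strings.HasPrefix(name, prefix) || (readOnly && op != "read") {
			return "", ErrDenied
		}
		return inner(op, name, data)
	}
}

// untrusted holds only the capability it is handed; it cannot name the store.
func untrusted(c Cap) (notes string, outside, write error) {
	_, outside = c("read", "/home/bob/key", "")
	notes, _ = c("read", "/home/alice/notes", "")
	_, write = c("write", "/home/alice/notes", "x")
	return
}

func main() {
	store := map[string]string{"/home/alice/notes": "hello", "/home/bob/key": "secret"}
	var trace []string
	fmt.Println(untrusted(proxyCap(storeCap(store), "/home/alice/", true, &trace)))
	fmt.Println(trace)
}
```

Names here are opaque map keys; a proxy placed in front of real paths would have to canonicalize them before the prefix check.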