hannes/hannes.robur.coop
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

.

Browse source
This commit is contained in:
Hannes Mehnert 2017-01-24 13:31:51 +00:00
parent b8d3ea3687
commit 4722a72fdc
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
Posts/OperatingSystem
View file

@ -41,11 +41,12 @@ can contain code into areas with less authority, we should do so. Obviously,
the mechanism to contain code needs to be carefully audited as well, since the mechanism to contain code needs to be carefully audited as well, since
it will likely need to run in privileged mode. it will likely need to run in privileged mode.
In a virtualised world, we have on top of the kernel a In a virtualised world, we run a
[hypervisor](https://en.wikipedia.org/wiki/Hypervisor), which runs in ring -1. [hypervisor](https://en.wikipedia.org/wiki/Hypervisor) in ring -1, on top of
The hypervisor gives access to memory and hardware to virtual machines, which we run an operating system kernel. The hypervisor gives access to memory
schedules those virtual machines on processors, and should isolate the virtual and hardware to virtual machines, schedules those virtual machines on
machines from each other. processors, and should isolate the virtual machines from each other (by using
the MMU).
![there's no cloud, just other people's computers](https://fsfe.org/contribute/promopics/thereisnocloud-v2-preview.png) ![there's no cloud, just other people's computers](https://fsfe.org/contribute/promopics/thereisnocloud-v2-preview.png)
@ -107,7 +108,7 @@ primitives](https://github.com/mirleft/ocaml-nocrypto/tree/f076d4e75c56054d79b87
To further read up on the topic, there is a [nice article about the To further read up on the topic, there is a [nice article about the
security](https://matildah.github.io/posts/2016-01-30-unikernel-security.html). security](https://matildah.github.io/posts/2016-01-30-unikernel-security.html).
This website is 16MB in size (and I didn't even bother to strip yet), which This website is 12MB in size (and I didn't even bother to strip yet), which
includes the static CSS and JavaScript (bootstrap, jquery, fonts), [HTTP](https://github.com/mirage/ocaml-cohttp), [TLS](https://github.com/mirleft/ocaml-tls) (also [X.509](https://github.com/mirleft/ocaml-x509), [ASN.1](https://github.com/mirleft/ocaml-asn1-combinators), [crypto](https://github.com/mirleft/ocaml-nocrypto)), [git](https://github.com/mirage/ocaml-git/) (and [irmin](https://github.com/mirage/irmin)), [TCP/IP](https://github.com/mirage/mirage-tcpip) libraries. includes the static CSS and JavaScript (bootstrap, jquery, fonts), [HTTP](https://github.com/mirage/ocaml-cohttp), [TLS](https://github.com/mirleft/ocaml-tls) (also [X.509](https://github.com/mirleft/ocaml-x509), [ASN.1](https://github.com/mirleft/ocaml-asn1-combinators), [crypto](https://github.com/mirleft/ocaml-nocrypto)), [git](https://github.com/mirage/ocaml-git/) (and [irmin](https://github.com/mirage/irmin)), [TCP/IP](https://github.com/mirage/mirage-tcpip) libraries.
The memory management in MirageOS is The memory management in MirageOS is
straightforward: the hypervisor provides the OCaml runtime with a chunk of memory, which straightforward: the hypervisor provides the OCaml runtime with a chunk of memory, which