LISTSERV - HP3000-L Archives

HP3000-L Archives

May 1996, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L May 1996, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re(2): A MacOpportunity :-) [digression]
From:	Bruce Toback <[log in to unmask]>
Reply To:	Bruce Toback <[log in to unmask]>
Date:	Thu, 9 May 1996 07:07:30 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (37 lines)

Jeff Kell writes:
> Even IBM's
> VM/ESA which does emulate multiple virtual physical machines (albeit all
> IBM platforms) only allows them to co-exist, not co-operate.  They made a
> really big deal not that long ago about "shared code segments" that multiple
> users could share, and elaborated on converting your code to localize all of
> your data references to your assigned "data area" (non-trivial).  This
> seemingly "ground-breaking" breakthrough was years after MPE and it's
> explicit code/data sharing/separation.

VM is in a quite different class from MPE's code and data management. In MPE,
the code and data protection can be overridden by privileged programs. You
can't run an OS as a process under MPE without compromising system integrity.
The point of VM is that there must be no way that a program can tell that it's
being run in a virtual machine, even if the "program" is a privileged OS. So
sharing protected code is a lot harder in VM: if a privileged program running
in a virtual machine changes the code in a shared but protected page, the OS
must make a  private copy of that page for the virtual machine that changed
it. (One privileged program that's not only allowed but expected to do this is
a debugger.) All privileged operations have to be emulated, and the emulation
has to be invisible to other privileged code.

IBM did a very good job: you can even run VM in a VM vm. Sharing code within a
vm is easy, but sharing code across vm's requires takes a lot of careful
recordkeeping. In fact, nearly all known VM penetrations take advantage of
timing inconsistencies, the only way that a program can tell it's not really
privileged.

-- Bruce

--------------------------------------------------------------------------
Bruce Toback    Tel: (602) 996-8601| My candle burns at both ends;
OPT, Inc.            (800) 858-4507| It will not last the night;
11801 N. Tatum Blvd. Ste. 142      | But ah, my foes, and oh, my friends -
Phoenix AZ 85028                   | It gives a lovely light.
[log in to unmask]                   |     -- Edna St. Vincent Millay

ATOM RSS1 RSS2

RAVEN.UTC.EDU