22 Dec
2015
22 Dec
'15
8:39 a.m.
Hi!
I am not sure what you mean here. Genode can already execute Linux within a virtual machine (Seoul or VirtualBox) or as a paravirtualized version on top of the Fiasco.OC kernel. If this is not sufficient, what is your approach?
The problem in this approach is that the (virtualized) Linux instance is still running the same very insecure (if you ask me;) Linux kernel. Within the scope of the Linux kernel, there is nothing to limit the kind of hazards grsecurity is/was made to prevent.
To reiterate, what I would like to see is Linux (and/or BSD) kernel running directly on top of genode.
Yours,
Jyri