IIUC, yes, all the kernels involved run directly on the hardware, in a "cooperative" way, i.e. they must agree on not touching others' memory regions.

I think the architecture assumes all loaded kernels are trusted, and imposes no isolation other than having them running on different CPUs.

Given the (relative) simplicity of the PoC, it could be really performant.

▲

yjftsjthsd-h 3 days ago | parent | next [-]

Can't the kernel set up hardware-backed memory maps to partially blind itself to other memory regions? (Only "partially" because even then I expect it could just change the mappings, but it's still a protection against accidental corruption)

	▲	p_l 18 hours ago \| parent [-]
		That's standard part of setups like that, the cooperative aspect is that they have to set the memory map so they don't overlap.

▲

yalogin 3 days ago | parent | prev [-]

Wonder what the use cases are. Doesn’t feel like the kernels are hotswappable, so why is it preferred over VMs?

	▲	yxhuvud 3 days ago \| parent [-]
		If nothing else, it is a path to making them hotswappable.