Re: Operating system-level virtualization: how to make it?
- To: debian-user@lists.debian.org
- Subject: Re: Operating system-level virtualization: how to make it?
- From: Sthu Deus <sthu.deus@gmail.com>
- Date: Mon, 14 Dec 2009 23:04:18 +0700
- Message-id: <[🔎] 4b268702.170d660a.6e04.7f19@mx.google.com>
- In-reply-to: <20090527134058.GB7160@blitz.hooton>
- References: <4a16e710.0707d00a.50b0.4029@mx.google.com> <slrnh1dq5j.nor.gildor@gallu.homelinux.org> <20090526184649.GA4134@portable.home.famille-guignard.org> <20090527134058.GB7160@blitz.hooton>
Thank You for Your time and answer, Douglas:
>Unless something has changed, to be really secure, virtualization has to
>be fully supported in the hardware of the CPU so that there are no CPU
>instructions that can be issued from within the virtual machine to break
>out of it. i386/amd64 don't meet that criteria. I don't know what
>other vendors have, but e.g. IBM's Power architecture does, and provides
>logical partitions (LPARs) at the firmware level which appear to the OS
>as a real piece of hardware.
How is it if I see CPU virtualization instructions for, say, amd64?
Reply to: