[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MirageOS-devel] "Unikernels as Processes" paper, Mirage/Solo5 and seccomp

To: mirageos-devel@xxxxxxxxxxxxxxxxxxxx
From: Martin Lucina <martin@xxxxxxxxxx>
Date: Sun, 21 Oct 2018 21:13:06 +0200
Delivery-date: Sun, 21 Oct 2018 19:23:18 +0000
List-id: Developer list for MirageOS <mirageos-devel.lists.xenproject.org>
Mail-followup-to: mirageos-devel@xxxxxxxxxxxxxxxxxxxx

Hi all,

I'm happy to announce that our ACM SoCC 2018 paper entitled "Unikernels as
Processes" is now publicly available at
https://dl.acm.org/citation.cfm?id=3267845.

The paper by Dan and Ricardo of IBM Research, Nikhil of BITS Pilani and
myself presents the central tenet that the host attack surface/TCB of a
Linux seccomp-sandboxed unikernel is comparable to, or, depending or your
evaluation metric, better than that of hardware virtualization sandbox.

Dan & Ricardo's implementation of a seccomp tender for Solo5 is available
today as part of the "nabla containers" project at
https://github.com/nabla-containers/solo5.

I plan to work together with Dan & Ricardo on upstreaming this code to
Solo5 next month, hopefully to be released as a fully integrated target for
MirageOS before the end of the year.

Regards,

-mato

_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/mirageos-devel

Prev by Date: Re: [MirageOS-devel] uri interface change for sexp serialisation
Next by Date: Re: [MirageOS-devel] Can one use malfunction with mirageos?
Previous by thread: [MirageOS-devel] uri interface change for sexp serialisation
Next by thread: [MirageOS-devel] Project setup with dune
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.