[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MirageOS-devel] "Unikernels as Processes" paper, Mirage/Solo5 and seccomp

Hi all,

I'm happy to announce that our ACM SoCC 2018 paper entitled "Unikernels as
Processes" is now publicly available at

The paper by Dan and Ricardo of IBM Research, Nikhil of BITS Pilani and
myself presents the central tenet that the host attack surface/TCB of a
Linux seccomp-sandboxed unikernel is comparable to, or, depending or your
evaluation metric, better than that of hardware virtualization sandbox.

Dan & Ricardo's implementation of a seccomp tender for Solo5 is available
today as part of the "nabla containers" project at

I plan to work together with Dan & Ricardo on upstreaming this code to
Solo5 next month, hopefully to be released as a fully integrated target for
MirageOS before the end of the year.



MirageOS-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.