First page Back Continue Last page Overview Text


This has a number of benefits over the current situation.
First, it makes the process address space inside UML identical to the host. They get the standard 3G address space, with the host kernel taking the upper 1G, as usual. This makes UML honeypots a lot more convincing.
''jail'' mode will fall out of this automatically, since the UML kernel isn't present in the process address space. This will make it the default, as it should be.
UML also gets a 3G address space, which gives it a lot more kernel virtual memory.
The downside is that the copy_{to,from}_user family of functions become less trivial. These could be implemented with read and write of the file descriptor representing the process address space.