Embodiments of the inventive subject matter generally relate to the field of virtual operating systems, and, more particularly, to securely managing kernel extensions in virtual operating systems.
Operating system virtualization is a technology that can divide a single host, such as a server, into multiple parts, or partitions, each running a separate instance, or image, of an operating system (OS). The instances of the operating systems are separate, or isolated, from each other in some ways. For example, the instances of the operating systems have separate file systems, separate users, separate applications, and separate processes. In other ways, however, the instances of the operating systems are not separate and can share some resources of the host. For example, the instances of the operating systems can share the memory, the kernel, the processors, the network cards, the hard drives, and/or other software, firmware, and/or hardware of the host. Thus, each instance of the operating system can look and feel like a separate server or machine from the point of view of its users. However, because the instances of the operating system share resources of the host, the instances of the operating systems are not actually separate devices. The instances of the operating system are commonly referred to as “virtual” or “virtualized” operating systems (virtual OS's). In similar contexts, virtualized operating systems are also referred to as virtual partitions, virtual machines, virtual environments, or virtual servers.
Virtual OS's can be implemented in different ways. One way is for an administrative user to create a logical partition (LPAR) on a host and install an instance of an operating system on the LPAR. The administrative user can create a logical partition (LPAR) by dividing a portion, or subset, of the host's hardware resources, such as processors, memory, and storage. The administrative user can isolate the LPAR from other LPARs running on the same device or machine. Specifically, the administrative user isolates the subset of the host's hardware resources from other subsets, so that multiple LPARs can run on the host, with each LPAR operating independently of each other, as if each LPAR was a separate machine. The administrative user can install an instance of the operating system on an LPAR. The instance of the operating system can run its own applications in a way that is separate and isolated from any other LPAR. The number of LPARs that can be created on a host, however, depends on the number of the host's resources available. For example, to create an LPAR, an administrative user must physically partition a portion of the host's memory and assign the portion of the host's memory to the LPAR. Because LPARs have separation at the hardware level, LPARs are very stable, can run different versions of an operating system, and provide a very high degree of isolation from other LPARs.
A different way to create a virtual OS is to form a workload partition (WPAR). WPARs were introduced in the IBM® AIX® 6.1 operating system. WPARs are a software implementation of operating system virtualization. More specifically, WPARs are software partitions that are created from, run under, and share the resources of a managing instance of the operating system (OS). The WPARs and the managing instance share an identical operating system (e.g., identical version, identical patches, identical tuning options, etc.). The managing instance of the OS may be referred to as a global environment or a global OS. Multiple WPARs can run on a single managing resource (e.g., on a single machine or on a single LPAR), which can all be managed by the global OS. An administrative user does not need to physically divide up portions of the host's hardware to create a WPAR. Rather, the administrative user runs a command to generate a WPAR and the global OS creates and manages the WPAR as a software partition. Because WPARs are software implementations, WPARs can easily be migrated from one managing resource to another (e.g., from one LPAR to another or from one machine to another).
WPARs can be two types, a system WPAR and an application WPAR. System WPARS are virtual system environments that have their own separate file systems, users and groups, login, network space, and administrative domain. All system WPARs managed by the global OS share the same kernel, the same memory, and some other resources that the global OS uses. Application WPARs are lightweight environments used for isolating and executing one or many application processes.