OS and VM isolation
Operating systems and virtual machines have been the workhorses of
isolation for a long time. One baseline isolation plan, which we
don't have a reading assignment for, is to rely on the operating
system to isolate processes / users / containers from one another;
you have hopefully seen it in previous classes (such as 6.1800),
and we will talk a bit about it in lecture.
For this lecture, read about the following case studies of different
isolation designs, which try to improve on baseline OS isolation:
- Read sections 1-3 of the Firecracker
paper, published in 2020. Firecracker was developed by
Amazon to be a small, highly secure virtual machine monitor,
building on top of the KVM machinery provided by the Linux kernel.
The later sections of the Firecracker paper talk about how Amazon
uses Firecracker for their Lambda service, which you can skip.
- Read about the design of gVisor
(last revised 2021), an alternative to relying on the operating
system kernel to provide isolation for shared services such as the
file system and the network stack.
- Read a comparison study of
Firecracker and gVisor, sections 2-3. This paper discusses some
of the advantages and trade-offs of Firecracker and gVisor, and compares
them to LXC, which is more or less the baseline plan of relying on the
host Linux OS kernel for isolation. Later sections go into
more detailed comparisons that aren't as important to read.