Information Technology Reference
In-Depth Information
out from the virtual address space, and maps the pages which belong to the new
process being switched over to, to the same addresses.
Fenix Common Process
Fenix Common Process
Linux Processes
Linux Processes
Командный
процессор bash
Midnight
commander -
file manager
Lynx WEB-
browser
Apache WEB-
server
Adapted Linux Kernel
Adapted Linux Kernel
Linux Virtual Machine
Linux Virtual Machine
Fenix Security Mechanisms
Fenix Resources
Fenix Microkernel
Hardware
Fig. 2.
The Architecture of the “Linux over Fenix” Secure Hybrid Operating System
The VM should handle certain processor exceptions and interrupts — for instance,
timer interrupts or paging errors. When an exception or an interrupt related to the VM
process occurs, the Fenix kernel transfers control to the VM, to handle the situation.
In the case when the VM handles the interrupt or the exception incorrectly, the
integrity and stability of the Fenix OS will not be damaged — the process of this VM
will be terminated.
6.2 Security
Security features of the hybrid operating system should be dealing with the two main
issues: they should protect the components of the operating systems (both kernels and
processes) from interfering with each other, and control the access to the host system
resources by the guest system applications.
In the Fenix environment Linux functions in the user mode as an ordinary user
process. This means that Linux cannot disturb the operation of the Fenix OS kernel
and of other applications run in the Fenix environment.
More than that, the Fenix VM for Linux using the mechanisms of segment
boundaries, privileges and virtual memory can isolate the Linux kernel from the
Linux user processes and the Linux user processes from one another. To deal with this
problem the full scope of potentialities offered by the processors of IA-32 architecture
is used for memory protection.
1.
Protection of the Fenix kernel from the Linux kernel.
The Fenix kernel is protected
from the Linux kernel by the paged memory (the Fenix kernel is executed in
