<bslsk05>
docs.microsoft.com: Virtualization-based Security (VBS) | Microsoft Docs
<pyzozord>
Yeah I guess I thought that if I was using a vm instead of a normal operating system it would confuse potential malware/script-kiddies and they would try to attack and gain access to a kernel that was still inside the vm
<Arsen>
how would you get data out of and into the vm?
<Arsen>
give it the pci devices?
<pyzozord>
I don't know, ideally I wanted to have something like a layered file system where I can set some of the lower layers read only. Also I was hoping the vm would run without xorg and would use real devices for input and output instead
<Arsen>
what does xorg have to do with vms?
<pyzozord>
the vm would need to run ubuntu in graphical mode so I can have a normal user experience and as such would need to display graphics somehow
<Arsen>
regardless of that, running a hypervisor to ultimately only run one guest on it is pointless, as that provides no additional isolation compared to not running a hypervisor
<Arsen>
the fact that it's running under virt doesn't mean much alone
<Arsen>
since in that case all the processes on the system are in that one VM anyways
<pyzozord>
hmm that's true, so what would be a better strategy here?
ElectronApps has quit [Read error: Connection reset by peer]
ElectronApps has joined #osdev
<Arsen>
dunno, namespaces, qubes, depends on your use case
jeramiah has joined #osdev
<pyzozord>
Hmm, I guess there are two usecases, one is to protect me from myself in case I mess anything up with the system. And the second usecase is what I mentioned above with the malware
<zid>
how does it protect anything?
<zid>
Any hardware you need to have control over must be passed through the VM
<zid>
.. so your OS must have full control of the hardware regardless
<zid>
Unless we're talking about read/write marshalling or whatever and taking the 1000x slowdown
ahalaney has joined #osdev
<pyzozord>
zid: sorry, I don't understand. Can you explain what you mean?
<GeDaMo>
Sounds like you want a different OS rather than virtualizing your current one :P
<zid>
pyzozord: if you make a VM to host your kernel, your kernel still needs to access the hardware to.. do anything
<zid>
so hacking the kernel == hacking the hardware
<zid>
if you instead invent a little mechanism between the VM and the kernel, such as "VM please tell this to this hardware", that's going to slow down hardware access a *lot*
<zid>
You can't have your cake, some more cake, and eat both
<GeDaMo>
Mmmm ... cake :P
dutch has quit [Quit: WeeChat 3.0.1]
<pyzozord>
hmm. I vaguely remember that when I was attending some public programming classes in a culture center when I was a kid. They had linux oses, but there was some special thing that it did before booting, it was diffing all disk memory and printing + or - depending on when it was reverting something
<pyzozord>
you probably have no idea what I am talking about. Point is, there was something that was an extra layer/measure of security and safety so that users don't mess up the systems
<GeDaMo>
Probably just mirroring from a known good version
<nshp>
you could achieve that with filesystem snapshots, which are supported by (at least) btrfs and zfs
<zid>
the normal way to do that is just pxe boot
<nshp>
or that, be a thin client
<nshp>
but do you really not trust yourself _that_ much?
<nshp>
sounds far too inconvenient for a personal machine where you're likely installing and reconfiguring things fairly often
Izem has joined #osdev
<pyzozord>
I almost broke my system recently. I added a shell script to ~/.local/bin/grep that was doing command grep with few extra flags to exclude some default directories. After that the system was hanging after gnome login screen
<GeDaMo>
Boot from a USB stick
<pyzozord>
I had to change in my ~/.profile PATH="$HOME/.local/bin:$PATH" to PATH="$PATH:$HOME/.local/bin" via the rescue/panic boot mode
<zid>
or just hit e when in grub
<zid>
and add init=/bin/bash
<zid>
or busybox
<zid>
rescue whatever you like
<pyzozord>
I thought, I got lucky this time, but next time I might not be so lucky and I'll need to reinstall everything which is not great because I have like 10GB of files like books or projects, and copying that to a usb stick and then back to a fresh installation takes forever
<pyzozord>
so that made me think how can I virtualize my environment to always have possibility to revive
<GeDaMo>
A network drive?
<j`ey>
yeah I dont think virtualisiation helps with that situation
<pyzozord>
One idea I like is the layered file system like docker has, and then maybe set lower, more important layers as read only? Also thought that maybe doing all userland stuff in a linux container would also make something somewhat safer?
<pyzozord>
j`ey: yeah that could be some fundamental misconception about virtualisation I have
<Izem>
you just need a file system that can snapshot
<Izem>
or restore point etc.
<pyzozord>
I was just thinking "more layers of abstraction means more layers to break through for me or other potentially malicious actor"
<zid>
or just use emu
<zid>
qemu*
<zid>
Always useful to have your shit run in qemu anyway so that you can use it as a debugger
<pyzozord>
that was my idea use qemu, but then I wanted to make it as seamless and transparent as possible so that as a user I don't really notice I'm working on a virtualized environment
<GeDaMo>
I remember reading about an experimental filesystem which never deleted so you could always go back to older versions of files
<Izem>
pledge seems to be a nice idea, I wonder why others have not adopted it
<Izem>
pyzozord: check out fedora silverblue, they have some similar ideas
<Izem>
then again I can't imagine Linux is fond of adding another security/auth system :P
<pyzozord>
Also in qemu I can kind of make disk images and install the system then make a disk image of the fresh unchanged system, then run qemu with the system image and a new empty disk that only records changes from that original system
<pyzozord>
Need to check out the ideas you guys just mentioned
jjuran has quit [Read error: Connection reset by peer]
jjuran has joined #osdev
<pyzozord>
Izem: oh interesting what you say about this idea being against linux philosophy. Is it that linux kernel developers think "our system is secure on its own"?
<NieDzejkob_>
GeDaMo: what happens when you run out of space?
<GeDaMo>
I don't remember
dennis95 has quit [Remote host closed the connection]
<GeDaMo>
"In Elephant, users can specify data retention policies on a per-file or per-file-group basis, in a fashion similar to access-protection information in a traditional UNIX file system. Periodically, a file system cleaner examines the file system and uses these policies to decide when and which disk blocks to reclaim, compress, or move to tertiary storage."
<Izem>
pyzozord: I don't think it is, I am just speculating
_whitelogger has joined #osdev
<pyzozord>
That Fedora Silverblue seems like a full linux distro. I honestly would prefer to stick to ubuntu or at least debian, since that's all I know
<pyzozord>
The pledge thing is an openbsd thing, so I don't think there is a way to make it work with ubuntu
<Izem>
yeah, they just have some ideas that you talked about
<Izem>
containers, ostree etc.
nismbu has quit [Ping timeout: 258 seconds]
nismbu has joined #osdev
ElectronApps has quit [Remote host closed the connection]
iorem has quit [Quit: Connection closed]
Oshawott has quit [Ping timeout: 258 seconds]
Oshawott has joined #osdev
Izem has quit [Quit: Izem]
pyzozord has left #osdev [#osdev]
freakazoid343 has joined #osdev
Ameisen has quit [Quit: Quitting]
Ameisen has joined #osdev
srjek has joined #osdev
Izem has joined #osdev
alexander has quit [Quit: ZNC 1.7.2+deb3 - https://znc.in]
alexande1 has joined #osdev
mahmutov has joined #osdev
alexande1 is now known as alexander
alexander has quit [Client Quit]
alexander has joined #osdev
mahmutov has quit [Ping timeout: 250 seconds]
mahmutov has joined #osdev
elastic_dog has quit [Ping timeout: 240 seconds]
elastic_dog has joined #osdev
zoey has joined #osdev
dennis95 has quit [Quit: Leaving]
<NieDzejkob_>
Hmm, I'm considering something like a graph-based filesystem. That would imply some form of reference counting, but then the problem is cycles. Perhaps I could provide strong and weak links (a la rust's rc::Weak), and forbid strong cycles, but then, is there an efficient way of detecting whether adding an edge to a DAG would create a cycle? I suppose I'd need something like a union-find that knows about direction
gmacd has joined #osdev
<zid>
aren't all filesystems graphs
<kc8apf>
not all but anything that supports hard links and soft links, e.g. every POSIX filesystem, NTFS, many, many others
<geist>
i dont talk none of this fancy computer science speak, but i guess a simple tree is basically just a form of a graph right?
<geist>
though i'm not trying to be pedantic about it
<zid>
pretty sure *all* filesystems are graphs, it's just whether you mean directed and other subtypes
<geist>
(that's what EE degrees get ya, never took hard core computer sciency classes)
<Izem>
yes
<Izem>
pedantic would be to say acyclic graph
<geist>
is a tree a DAG?
<Izem>
yeah
<geist>
yah
<geist>
but yeah anyway, i'd say a posix style system is still basically a DAG because you can't hard link directories
<geist>
and symlinks are kinda not part of the graph, you could argue
<Izem>
who decided on a tree for a filesystem anyways?
<geist>
that're more of a 'stop here and start the walk over again' sort of thing
<zid>
I think it's more we decided on
<zid>
"Hierarchical"
<geist>
redirection more than anything else, since there's no direct link to the target, it's only a string
<zid>
and the CS term for that is a tree
<zid>
We've had filing cabinets and libraries for a lot longer than computers
<geist>
re: trees on filesystems, that goes wayyy back
<geist>
unix most certainly didn't invent it, but i think a lot of systems in the 60s had already been toying with it
<Izem>
I just had the idea of a file system as a plane :D
<geist>
but then there are lots of systems in the 60s that didn't have hierarchical filesystems
<Izem>
oh ok
<GeDaMo>
CP/M and MS-DOS didn't have tree directories to start with
<Izem>
what did they have?
<geist>
lots of times they had something like 'your login has a workspace'
<Izem>
that's great, isn't it?
<geist>
or say, systems like RSX-11 or whatnot (minicomputer, 70s) had the notion of user.project
<GeDaMo>
It was a single list of files
<geist>
so it had directories, but they were more like you had [N.M] numbered workspaces
<GeDaMo>
Concurrent CP/M had numbered areas
<geist>
plain CP/M did too, with up to 15 users per floppy
<geist>
but you can consider that to just be like 16 root dirs
<Izem>
interesting
<GeDaMo>
Yeah
<geist>
(i think CP/M just put a 4 bit tag on each dir entry so they were unique)
<GeDaMo>
Pick's filesystem was built on a database
<geist>
but stuff like TOS (for CDC6xxx) or the one on the Sigma-9, i forget the OS's name, had a notion of 'your login is a workspace'
<geist>
and when you log out it clears it unless you specifically use some api to save something for future logins, etc
<geist>
i forget what the PDP-10 oses did, they were possibly hierarchical?
<GeDaMo>
There's an OS, can't remember which one, which has replaced its tree structured directory with a single file list
<geist>
TOPS-10, etc
<GeDaMo>
You can still have e.g. "/a/b/c" but it's not stored in separate directories
<geist>
fuchsia has some stuff like that under the hood too
<geist>
since there is not a global namespace at all, each process/environment/etc is handed its own view of the fs
<Izem>
nice
<GeDaMo>
It means you don't have to open a then open b within a before you get to c
<geist>
but the process's view is still hierarchical
<Izem>
GeDaMo: yeah that's pretty slick
<zid>
I mean, there's no real reason you HAVE to think of a modern fs as hierarchical
<zid>
you can just deal in absolute paths
<zid>
/root/dev/blah.c just being a filename and everything is on a single root
<NieDzejkob_>
what I mean by graph is that a file is a blob of bytes + a list of pointers to other filesystem objects
<Izem>
I'd prefer to get around my fs based on coordinates
<Izem>
then I could have a special map program :D
<NieDzejkob_>
for example if an executable wants a dynamic library, it can keep a direct reference to the inode of the .so
<NieDzejkob_>
and then you get things like nix/guix's garbage collected store
<NieDzejkob_>
but in general any application could use this
<bslsk05>
en.wikipedia.org: fsn (file manager) - Wikipedia
<NieDzejkob_>
embed a picture or table in a powerpoint? pointer.
<NieDzejkob_>
and then it doesn't matter if the pointee is moved (= the user-managed handle gets moved)
<Izem>
the topographic view would have the density of the fs
<Izem>
GeDaMo: oh woah
<NieDzejkob_>
I'd probably keep the tree hierarchy for organization by the user. idk. but the underlying graph would also allow neatly implementing tagging
<Izem>
what happened to this program?
<GeDaMo>
Izem: have you never seen Jurassic Park? :P
<Izem>
I did when I was a lot younger
<Izem>
it's been a while, I'll look out for this next time
<bslsk05>
'It's a unix system' by loblik (00:01:24)
<Izem>
haha
mahmutov has quit [Ping timeout: 252 seconds]
<Izem>
NieDzejkob_: what happens if the image is deleted or the permissions change?
<geist>
iirc that was basically a standard demo with SGI Irix machines
<geist>
mostly to show off opengl
<zid>
Still waiting for my onyx2 to show up btw guys
<geist>
i had an indy for a while. was a nice box but i eventually passed it onto someone else
mahmutov has joined #osdev
<NieDzejkob_>
Izem: when the user deletes the image, all that does is remove the pointer from the directory in which it was, and decrement the reference count
<NieDzejkob_>
as for permissions, I'll probably do something in the spirit of capabilities, which would also mean that the change only applies to the directory entry
Ameisen has quit [Quit: Quitting]
Ameisen has joined #osdev
<NieDzejkob_>
I'll probably need to use some techniques from concurrent garbage collection...
Ameisen has quit [Quit: Quitting]
Ameisen has joined #osdev
henistein has joined #osdev
Izem has quit [Quit: Izem]
dormito has quit [Ping timeout: 250 seconds]
henistein has quit [Quit: Client closed]
henistein has joined #osdev
GeDaMo has quit [Quit: Leaving.]
dormito has joined #osdev
jstoker has quit [Remote host closed the connection]
jstoker has joined #osdev
Izem has joined #osdev
ahalaney has quit [Remote host closed the connection]
<geist>
haha skyz found me on discord now
<geist>
le sigh.
iorem has joined #osdev
<Izem>
uefi loads any pe executable right?
iorem has quit [Ping timeout: 258 seconds]
<travisg>
correct
<Izem>
hmm, that's actually rather nice. this might make it easier to do alternative os stuff
<j`ey>
Linux pretends to be a PE
iorem has joined #osdev
gmacd has quit [Remote host closed the connection]