Hello,

I am currently conducting research using the L4Re system, and I am working on 
implementing a mechanism to reboot a Guest OS managed by UVMM.

In my setup, I run two Linux instances under UVMM. My goal is to reboot one of 
them without affecting the other.

To achieve this, I terminate the target instance by sending a signal using 
L4Re::Parent::signal, and then I restart it using a Ned script to launch a new 
instance of the same program.
When restarting, I reuse the capability that was created during the first 
launch of the UVMM instance.

However, during execution, the restarted program encounters an "invalid 
capability invoke" error.

Upon investigation, I suspect this happens because l4_task_unmap was called 
during the restart process, which likely removed kernel objects associated with 
the original capability. As a result, the reused cap_index no longer refers to 
a valid object.

Based on this, I would appreciate your insights on the following questions:

Under what conditions are kernel objects deleted in L4Re?

In this rebooting workflow, how can we ensure that capabilities remain valid or 
that their associated kernel objects are not prematurely unmapped or deleted?

If UVMM crashes during operation, how can we design a mechanism to ensure 
system-wide stability and security?

Thank you in advance for your valuable feedback! 

Best regards,
stephen.yang