On Saturday, 10/30/2021 at 09:34 GMT, "CAREY SCHUG" <sqrfolk...@comcast.net> wrote:
> I am NOT NOT NOT asking you to take your time to explain to me, just point to
> existing documents (including any you may have written that you can share).
> warning: I have been out of mainframes for 20 years and had no formal training
> on x86 computers.

Google answers most of your questions.

> My ONLY question to you is the goal below. Are you aware of any printed
> books, downloadable documents, other list servers where I can ask, or can you
> suggest how I could craft a web search for:
>
> Wanted--
>
> An explanation (and comparison) of x86 vs IBM virtualization, for a person with
> ONLY zVM background.

Google search: x86 z/VM
Result: articles and white papers.

> Including glossary of terms (like what we called core cancer, I think they call
> memory leak).

Google search: z/VM terminology
Result: Introduction to z/VM.

> Hopefully explaining x86 ring levels beyond their existence level that I am
> aware of.

Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 1. "Calls to other protection levels"

> Optional bonus: A comparison x86 vs ARM, and within x86, AMD vs Intel. And are
> there add-on hardware memory managers that might not easily be identified when
> I walk into a computer store to buy one? As to which is "better", or do each
> have advantages in some areas? I hadn't thought about this till I started this
> email, and have found some promising articles, but so far all written for
> somebody whose vocabulary base is x86...which is like middle english would be
> to me. I have not written in machine code for small computers beyond the Z-80.

Google search: x86 versus ARM
Google search: AMD versus Intel

> Also I would like details on malware exposures and how to protect the
> hypervisor from them. For instance, it seems to me that "buffer overrun"
> (though historically mostly winblows) could in theory happen in any intel based
> system since unlike mainframes, the hardware does not hard block the end of the
> input buffer.

Not true and dangerous thinking. Buffer overflows occur on all platforms when the application, subsystem, or OS fails to respect buffer boundaries. The hardware couldn't care less. It takes an address and a length.
If the OS tells the hw the wrong information, over the buffer it goes. What modern systems have is an inability of unprivileged programs to access privileged memory without OS assistance. So no worries about an application overwriting the OS. (Theoretically and architecturally. Bugs can negate either in a hurry.)

> I read about X86 type 1 vs type 2 hypervisors, but then details of some
> purported type 1 sound more like type 2 to me. Then I found Qubes (and I think
> parents, children and siblings of it) which at first glance sounds like the
> most extreme type 1 possible given the x86 memory architecture. But it seems
> Qubes is still not complete. And maybe to be secure, do I need to have multiple
> Ethernet adapters, one for each guest? Or maybe running a linux firewall in a
> read-only guest would suffice?

You might want to ask about Qubes in a Qubes-related forum. This is Linux on Z.

> personal disappointment: Wikipedia seems totally ignorant of any virtualization
> other than IBM-z/x86/sparc/arm/power, while every other mainframe manufacturer
> I presume has some form, HP, Digital, I think I even heard that some big cisco
> routers virtualization, and other IBM product lines, but maybe they were other
> processors under the covers, such as later AS/400s being power processors. Some
> quick searches show many of them migrating to ARM, MIPS, etc, so maybe not.
> Except there was a reference to MIPS virtualization, which is not in the table
> in wikipedia. Oh, MIPS is dead, maybe RISC-V? Quick search seems to indicate
> there is no working hypervisor for RISC-V yet, but it is in development?

"Virtualization" is a term of art. (Go read what Humpty Dumpty has to say about words and their meanings.) Wikipedia will only have the thing that the author knows about. "Software Defined Networking" (SDN) is a virtual network. Where LAN segments used to have a physical association, that's no longer the case.
A LAN is whatever you want it to be, without regard to physical location. Routers are virtualized these days so that you can have what looks like one router actually be composed of two (in case of a failure). Storage virtualization: you think you're connected to disk drive Brand X, but you're actually talking to Brand Y, including the case where Y doesn't have all the features of X. The list goes on and on and on....

Alan Altmark
Senior Managing z/VM and Linux Consultant
IBM Systems Lab Services
IBM Z Delivery Practice
ibm.com/systems/services/labservices
office: 607.429.3323
mobile: 607.321.7556
alan_altm...@us.ibm.com
IBM Endicott

----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
http://www2.marist.edu/htbin/wlvindex?LINUX-390
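
The point made in the reply above about buffer overflows (the hardware "takes an address and a length"), shown as an added example that is not part of the original message. It is a constructed C model in which the transfer routine stands in for the hardware and only the software in front of it can enforce the buffer boundary; every name and constant in it is hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model: one flat memory with an input buffer followed
 * directly by unrelated data. All names here are hypothetical. */
#define BUF_OFF  0u
#define BUF_LEN  16u
#define NEXT_OFF (BUF_OFF + BUF_LEN)
#define NEXT_LEN 16u
static uint8_t mem[NEXT_OFF + NEXT_LEN];

/* Reset memory: buffer zeroed, neighbouring data set to a known pattern. */
void mem_reset(void) {
    memset(mem + BUF_OFF, 0x00, BUF_LEN);
    memset(mem + NEXT_OFF, 0xAA, NEXT_LEN);
}

/* Returns 1 if the data after the buffer still holds its pattern. */
int neighbour_intact(void) {
    for (size_t i = 0; i < NEXT_LEN; i++)
        if (mem[NEXT_OFF + i] != 0xAA) return 0;
    return 1;
}

/* The "hardware": moves len bytes to the offset it was given.
 * It has no idea where the buffer ends. */
static void hw_transfer(size_t off, const uint8_t *src, size_t len) {
    memcpy(mem + off, src, len);
}

/* Software that passes the caller's length straight through: the defect. */
void read_unchecked(const uint8_t *src, size_t len) {
    hw_transfer(BUF_OFF, src, len);
}

/* Software that respects the boundary: oversize requests are refused. */
int read_checked(const uint8_t *src, size_t len) {
    if (len > BUF_LEN) return -1;
    hw_transfer(BUF_OFF, src, len);
    return 0;
}

int main(void) {
    uint8_t input[24];                 /* constructed 24-byte input */
    memset(input, 0x41, sizeof input);
    mem_reset();
    printf("checked rc=%d\n", read_checked(input, sizeof input));
    printf("intact=%d\n", neighbour_intact());
    read_unchecked(input, sizeof input);
    printf("intact after unchecked=%d\n", neighbour_intact());
    return 0;
}
```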