[cap-talk] Virtualizability vs. Synergy

Wed Jul 12 21:38:41 EDT 2006

At 03:58 PM 7/12/2006, David Hopwood wrote:
>Norman Hardy wrote:
> > On Jul 12, 2006, at 11:46 AM, Eric Jacobs wrote:
> >>David Hopwood <david.nospam.hopwood at blueyonder.co.uk> wrote:
> >>
> >>># In each synergy pattern I rely on some other object that I did
> >>># not get from you to tell me whether I can safely use P. I pass P
> >>># to it and it replies yes or no.
> >>
> >>I don't really understand what the conflict between that and full
> >>virtualizability is. The very definition of full virtualization in a
> >>capability system would be that there are no "other objects" that come
> >>from outside the virtualizing host, I'd think.
> >
> > David was quoting from my page at 
> <http://cap-lore.com/CapTheory/ > Patterns/CapParam.html>.
> > By "full virtualizability" I meant that any old program that holds a
> > capability X, is in a position to unilaterally virtualize X (and only
> > X) without coordination with anyone else.
> > This is in marked contrast to virtual machines where most or at least
> > much of the system must be virtualized and then only the privileged
> > code (in everyone's TCB is capable of virtualizing.
> > Does this clarify my comments?
>
>It may be clearer to use a different term than "virtualize" here.
>
>At <http://www.cap-lore.com/CapTheory/KK/m/211.html>, "synthesize" is
>used with this meaning -- i.e. a kernel abstraction can be "synthesizable",
>and the resulting object is "synthetic". I prefer this terminology.

I'd like to add my support to the above.  I believe the terms "virtualize"
and "virtual machine" are used way too often and in many different
and therefore potentially confusing situations.  Just for example, there is:

1.  What I consider the purest form of virtual machine.  Namely
a virtual instance of a real hardware machine with all it's instructions,
devices, interrupts, etc., etc.  Even here there is room for confusion
as there is the distinction between a machine emulation and a
virtual machine monitor which lets the real machine execute all
instructions but those that require privileges.  Even with the latter
there are finer gradations that are important for VMMs like
VMWare and Xen.  Emulation can provide the same sort of
virtual hardware machine, but generally much slower of course.

2.  Then there are things people call "virtual machines" that I
consider to be more virtual operating systems.  I put the
"java virtual machine" into this category.  Jails under FreeBSD
might fit there well also.  We had something we called a
"dual system" under NLTSS where we essentially time shared
two completely different operating systems using common
device drivers.  We didn't refer to those as "virtual machines",
but I think they might fit into this "virtual OS" sort of facility
that people often refer to loosely (and I believe unwisely)
as "virtual machines".

3.  The sort of "virtualizing" that's being discussed above for
capabilities seems to me at yet another higher and finer grained
level.  Isn't this really more of an invisible proxy?  A proxy with
the "insertion property" (e.g. as in:

F. A. Akkoyunlu, K.Ekanadham, R. V. Huber,
"Some Constraints and Tradeoffs in the Design of Network 
Communications," Proceedings of the Fifth Symposium on Operating 
System Principles, 1975, Vol. 9, No. 5, pp. 67-74.

http://portal.acm.org/citation.cfm?id=806523

).  I believe it would be better not to use that heavily overloaded
"virtualize" word for this situation if possible.

Might it be worthwhile to try to come to an agreement on what
terminology should be used for this situation?   I would find that
helpful as it seems to come up fairly often - e.g. on this list
where I think the proxy terminology is most often used, though
perhaps not in the strict sense of demanding this "insertion"
(invisibility) property.

--Jed http://www.webstart.com/jed/ 