LKL：内核代码以库形式用户态运行

可以很轻松地把内核网络栈直接拿到用户态运行，创意很好，可以结合用户态工具轻松配制若干变种VPN 。

但是运用到生产环境有如下问题

Main "architectural" issue: when attempting to run the kernel code in the user space, namely the need to preserve many "kernel" assumptions since the kernel code was meant to run in the kernel environment.

Assumptions: the existence of a kernel stack, the host vs the "kernel" threads, the kernel scheduler and how it conflicts with the host scheduler, IRQ handling and its various optimization,..., etc.

Preserving these assumptions, although allowing one to avoid changes to the generic kernel code, has resulted in significant performance overhead for LKL.

Limitations: linkage issue with the kernel code resulting in address collision with shared library objects, no SMP support, the complexity of allowing it seems to approach that of providing a fully virtualized environment for the kernel.

结论是 LKL 不一定比完全虚拟机好。

https://lwn.net/Articles/662953/ http://netdevconf.org/1.2/session.html?jerry-chu