[$] Direct host system calls from KVM

Post Syndicated from original https://lwn.net/Articles/902585/

As a general rule, virtualization mechanisms are designed to provide strong
isolation between a host and the guest systems that it runs. The guests
are not trusted, and their ability to access or influence anything outside
of their virtual machines must be tightly controlled. So a patch series
allowing guests to execute arbitrary system calls in the host context might
be expected to be the cause of significantly elevated eyebrows across the
net. Andrei Vagin has posted such a series with the expected results.