lock-in? the image format is standardized.. the runtime is standardized.. when you use rkt half of the time you are running images built with docker..

And to avoid interference you need what is in labeled risc-v. Or you performance will still be all over the shop as the IO in the motherboard ruins your day. The reality is jailhouses full objective cannot be done with existing x86 hardware because the hardware features required are missing.

So this is why I see jailhouse as a future thing. Because to work right it need future hardware features.

msword format is standardized
when you use openoffice half of the time you are reading files created with msword

you are again confusing performance with latency. preformance will always suffer because it can't share resources by design, that is the whole point

And the point of the labeled alteration in risc-v is that you can share resources. Thing to remember when you get into hardware there are such things are virtual cpu and virtual resources. Jailhouse performance cost will directly align to architecture.

The objective of labelled is to add extra information to memory so that the IO/CPU/Ram access is control by these extra labels. Think intel hyperthreading with brains.

Item like KVM that can share cpu core between multi VM don't make much sense on something that its labeled with hyperthreading since you have virtual cpus at hardware level. These newer design can in fact provide real-time performance for items labeled as such and for lower than real-time provide to fill in cpu idle times.

Does sharing of hardware have to be done by software the answer is no.

Please note without labeled what you can have happen is one cpu core is consuming all the IO so all the other CPU cores can fairly much stall out. So labeled is important so that you can get the most out of your cpu power so one memory/IO heavy task does not result in 90% of your cpus at that time doing nothing.

Labeled at hardware level really does alter the game.

they can share higher levels of cache ( which is shared anyway, but now they can avoid interference from sharing), but not cpu cores afaict

Using Labeled methods there is a prototype going to the hyper-thread using Raptor64 that use the labels to decide what vcpu instances take priority.

So being up on the prototypes tell you depending on what path hardware goes .

There is quite a performance cost causes by interference by sharing. Once you are labelled its only a small step to label the vcpu tasks of hyperthreading and give them a priorities. Once you have labelled controlled hyperthreading in a cpu things get very interesting to say the least also once you have labelled control hyperthreading having software hypervisor change core between vm becomes highly redundant.

So these more advanced hardware designs a simpler hyper-visor makes a lot sense. The heavy lifting to keep cpu core doing max processing that becomes a job of hardware and hardware label settings instead of software.

So instead of intels 2 threads more core you could have 32+ in labeled. It works because you have priorities and it gets more complex when the hardware level is moving vcpus between real cpu cores totally based on labeled priorities.

You can think of this that you can implement a hyper-visor in hardware..

The reality without doing labeled you cannot remove the interference problem in the shared resources. Once you have labeled in place is not that hard to take it up to the vcpu system of hyperthreading as well then what is required for a hypervisor in software need to do to be effective reduces a lot.