You're still running the linux scheduler in C, and you're still context switching for system calls. And can you run your whole stack as a user-mode program by changing one line in the build file the way you can with Mirage?
This is a red herring. Presumably you'll be running unikernels in multi-tenant environments. There will still be scheduling and context switching overhead from the hypervisor. The Hypervisor isn't going to allow a VM full access to the hardware. Also, if you're the only process running, the Linux scheduler shouldn't actually have any overhead.
NodeOS, like most projects, is likely just a duct-taped jenga tower of the usual suspects. The attack surface will be huge. For example, OpenSSL will be in there with all of its gotos and malloc-reinventions. From a security point of view, I don't see a contest. The Mirage guys even clean-room implemented SSL in OCaml. This is no ordinary OSS project.
