[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: problems with hierarchy: L4 pagers
From: |
Neal H. Walfield |
Subject: |
Re: problems with hierarchy: L4 pagers |
Date: |
Mon, 17 Oct 2005 21:44:54 +0100 |
User-agent: |
Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.4 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI) |
At Sat, 08 Oct 2005 16:27:57 -0400,
Jonathan S. Shapiro wrote:
> In fact, there is a hierarchy problem in L4.x2 today in the memory
> manager. Consider two process A, B with respective pagers A', B'. Now:
>
> A' maps to A
> A maps to B
> A' revokes
> B' knows nothing and cannot reconstruct the mapping.
>
> This problem is now well-known by the L4 designers, and it is a direct
> consequence of using REVOCABLE COPY as the primitive operation. In every
> real system that has been constructed on top of L4.x2, the solution has
> been to require that either
>
> A' and B' are identical, or
> A' and B' have a commonly trusted parent who knows how to
> recover, or
> The design is broken, so unmaps are not performed.
>
> The current L4sec design will require that every capability interaction
> must use the same kinds of solutions.
A can only map to be B if B accepts an IPC containing a map item.
That is, B always knows when someone maps to it and can inform B'
about such a mapping. If B' doesn't trust B or if B' is unwilling to
accept this information this is not a problem: B can still create a
new thread (LB) and set it as its pager (B' cannot prevent this).
When a page fault occurs, LB looks up how to reconstruct the mapping.
If it doesn't have the required information, it simply propagates the
fault to B':
B -page fault-> LB -fault propagation -> B'
Do you find this a reasonable solution?
Thanks,
Neal
- Why kernel REVOCABLE COPY is difficult, (continued)
- space banks and DMA, Neal H. Walfield, 2005/10/13
- Re: space banks and DMA, Jonathan S. Shapiro, 2005/10/13
- DMA vs. Persistence, Jonathan S. Shapiro, 2005/10/13
- General driver DMA (in EROS), Jonathan S. Shapiro, 2005/10/13
- Approaches to storage allocation, Jonathan S. Shapiro, 2005/10/09
- Re: Approaches to storage allocation, Neal H. Walfield, 2005/10/12
- Re: Approaches to storage allocation, Jonathan S. Shapiro, 2005/10/12
- Re: problems with hierarchy: L4 pagers,
Neal H. Walfield <=
- Re: problems with hierarchy: L4 pagers, Jonathan S. Shapiro, 2005/10/17
- Re: problems with hierarchy: L4 pagers, Neal H. Walfield, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Jonathan S. Shapiro, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Neal H. Walfield, 2005/10/20
- Re: problems with hierarchy: L4 pagers, Espen Skoglund, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Jonathan S. Shapiro, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Espen Skoglund, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Jonathan S. Shapiro, 2005/10/19
- Re: problems with hierarchy: L4 pagers, Marcus Brinkmann, 2005/10/18
- Re: problems with hierarchy: L4 pagers, Marcus Brinkmann, 2005/10/18