Re: A Framework for Device Drivers in Microkernel Operating Systems

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A Framework for Device Drivers in Microkernel Operating Systems

From:	Espen Skoglund
Subject:	Re: A Framework for Device Drivers in Microkernel Operating Systems
Date:	Tue, 16 May 2006 17:57:05 +0200

[Jonathan S Shapiro]
> Simply "telling" a subsystem that it cannot use certain names, of
> course, accomplishes nothing. This is why enforcement is
> required.

Sorry.  I of course meant telling *and* enforcing.

> The argument for local names has two parts:

>   1. It is probably the simplest mechanism for enforcing the access
>      check.

And if the local name space is always idempotently "mapped" to the
global name space then the access chech is a lookup in a bitmap.  This
is essentially the Jaeger-Elphinstone redirection model [1].

>   2. By encapsulating the true name of the service, it allows the
>      service to alter its behavior or implementation in ways that
>      can be transparent to the client.

> The second is an argument about a kind of virtualizability. In my
> opinion, this is very nearly as important as the protection
> argument.

Agreed.  Virtualizability was one of my main motivations for doing
local name spaces.

        eSk


[1] http://l4ka.org/publications/paper.php?docid=670

[Prev in Thread]

Current Thread

[Next in Thread]

Re: A Framework for Device Drivers in Microkernel Operating Systems, (continued)

Prev by Date: Re: Part 2: System Structure
Next by Date: Re: Part 2: System Structure
Previous by thread: Re: A Framework for Device Drivers in Microkernel Operating Systems
Next by thread: Part 2: System Structure
Index(es):
- Date
- Thread