From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Arjan van de Ven <arjan@infradead.org>
Cc: Alon Bar-Lev <alon.barlev@gmail.com>,
Brian Gerst <bgerst@didntduck.org>,
"Jonathan M. McCune" <jonmccune@cmu.edu>,
linux-kernel@vger.kernel.org,
Arvind Seshadri <arvinds@cs.cmu.edu>, Bryan Parno <parno@cmu.edu>
Subject: Re: using segmentation in the kernel
Date: Wed, 12 Oct 2005 17:07:11 +0100 [thread overview]
Message-ID: <1129133231.7966.1.camel@localhost.localdomain> (raw)
In-Reply-To: <1129107936.3082.34.camel@laptopd505.fenrus.org>
On Mer, 2005-10-12 at 11:05 +0200, Arjan van de Ven wrote:
> > separate modules so that they
> > will not affect kernel and more...
>
> and I don't believe this one yota. THe only way to do this is to run
> modules in ring 1, at which point you are in deep shit anyway.
Not neccessarily. Its how Xen works on x86-32 for example. It keeps
itself protected from the entire Linux instance by using segmentation on
32bit processors (not 64bit however as x86-64 has no segments in 64bit)
Doing that without major work on the kernel itself would be hard, and
you'd need to isolate out things like page table updates and verify them
whenever modules wanted to touch such stuff
Alan
next prev parent reply other threads:[~2005-10-12 15:39 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-11 20:15 using segmentation in the kernel Jonathan M. McCune
2005-10-11 20:36 ` Brian Gerst
2005-10-11 20:24 ` Alon Bar-Lev
2005-10-11 21:12 ` Al Viro
2005-10-11 21:14 ` Brian Gerst
2005-10-12 9:05 ` Arjan van de Ven
2005-10-12 16:07 ` Alan Cox [this message]
2005-10-12 15:44 ` Arjan van de Ven
2005-10-12 23:55 ` Jonathan M. McCune
2005-10-12 13:03 ` linux-os (Dick Johnson)
2005-10-13 8:51 ` Denis Vlasenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1129133231.7966.1.camel@localhost.localdomain \
--to=alan@lxorguk.ukuu.org.uk \
--cc=alon.barlev@gmail.com \
--cc=arjan@infradead.org \
--cc=arvinds@cs.cmu.edu \
--cc=bgerst@didntduck.org \
--cc=jonmccune@cmu.edu \
--cc=linux-kernel@vger.kernel.org \
--cc=parno@cmu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox