From: Karim Yaghmour <karim@opersys.com>
To: Daniel Phillips <phillips@arcor.de>
Cc: Luca Barbieri <ldb@ldb.ods.org>,
Linux-Kernel ML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH][RFC] x86 multiple user-mode privilege rings
Date: Mon, 28 Oct 2002 10:43:34 -0500
Message-ID: <3DBD5B26.7CB1D6F8@opersys.com>
In-Reply-To: E1868kU-0002cQ-00@starship
Daniel Phillips wrote:
> Karim once talked about doing a flavor of Adeos that would drop a running
> kernel into ring 1 as a result of insmodding an Adeos module, which would
> allow Adeos to combine an unmodified Linux kernel with a realtime executive.
Yes. The initial Adeos design (http://www.opersys.com/adeos/) spelled out
the details for shoving Linux out of ring 0 and into ring 1 without modifying
it. It would still have access to its page tables, but it wouldn't be allowed
to use some key instructions (including cli/sti). In that scenario, the
nanokernel would be the only thing running at ring 0, everything else would
run in ring 1 and above. This includes all non-Linux OSes (see the Adeos paper
for complete details).
Though this is fine, it is very hardware dependent. Last I checked, for
example, few archs have 4-level rings. If we're assuming all archs are going
to act/look like x86, it may be worth the effort, but I'm not sure this is
a safe bet. (Which doesn't mean some people can't find this useful, there's
been at least one debugger that follows this method:
http://marc.theaimsgroup.com/?l=linux-kernel&m=102675847422778&w=2)
Instead, it's more interesting to run each OS copy in its own separate
physical address space in privileged mode over Adeos. This implies a few
assumptions, but "in Linux we trust" (i.e. it's not doing any random physical
accesses, and if it is, then it needs to be fixed). The other OSes, such as
emulated WinXYZ, can also have their own physically separate address space
and run in unprivileged mode (ring 1 or worse; depending on your willingness
to implement appropriate handlers for the faults generated by the OS not
running in its intended ring 0). Have a look at the "Practical SMP clusters
document" at the URL above for a discussion of a relatively simple method to
get multiple copies of Linux running side-by-side each in their own separate
physical address space and all linked through Adeos.
Karim
===================================================
Karim Yaghmour
karim@opersys.com
Embedded and Real-Time Linux Expert
===================================================