| |
| |
| |
|
Page: 1 2
Comments:
<0> God Bless...
<0> uh, me
<1> i'm wondering about moving everything into userspace. Realistically, how much can i do in userspace without risking security? As far as i can tell, I need scheduling and memory management in kernel. Can I get away with doing everything else in userspace?
<2> ElPenguin, you can basicly put everything up there. It's just quite expensive.
<1> wobster: *how* expensive?
<3> context switching
<2> Well, on x86 a full context switch.
<2> per call
<1> ergh
<2> and you wil have _many_ calls ;)
<2> good night
<4> For those of us who don't care about security, it's a lot cheaper. ^_^
<1> it's no wonder exokernels are much faster then...
<1> there's got to then be a more efficient way of doing it while maximising security. how about manipulating the ring system?
<4> You mean use the middle rings?
<1> yeah
<4> The middle rings count as supervisor for the purposes of page protection, hence the games Xen has to play with TLS on Linux.
<4> So you'll need a combination of page and segmentation options, I think.
<1> hr
<1> m
<4> That's not necessarily -bad-, mind you.
<1> yeah
<4> On the other paw, it's not going to be portable.
<1> *nods* that's one of my concerns
<4> You might consider a "safe" VM setup in ring 0.
<4> But then you run into the possibility of something like the Java ByteVerify exploit.
<1> yeah
<1> what about some system of loadable kernel modules that can be replaced at runtime (somehow without incurring a context switch)?
<4> ... You might look at how the exokernels handle custom filesystems. I seem to recall they had something there for specifying runtime limits on the VM code that got JIT in the kernel.
<5> seen pengo lately?
<4> mur: The Apple ][ video game?
<5> nickname
<6> morning
<7> hi
<8> Nearly twelve hours of join/part without interruption.
<8> Save the daychange, and eieio and colyti's one line each.
<9> anyone know why grub complains about my kernel being an unknown format, when i have the aout kludge, and also checked it with mbchk, which said everything's ok
<2> mrfire, #grub
<9> join #grub
<7> hi
<10> old mcdonalds had a farm...
<7> and on that farm he enforced in-order execution of IO, eieio
<10> else he would mis-count hos cows and chickens
<10> s/hos/his
<10> damn I hate sed
<10> why I'm using that syntax? god knows...
<7> perl uses it too
<10> *shudder*
<7> and lucky for everyone, perl can be used in place of sed very easily and with much improvement
<10> Perl is the ***embly language of scripting languages
<7> grr, i want broadcom support, but i don't want to actually implement it
<2> undesktop, that was my first idea as well! lol
<2> until I accidently stumbled over that ppc instruction
<2> eieio, ethernet?
<7> yeah, specifically the 570x chipset
<7> PPC OS X supports it and it's widely available on PCs, so i need to support it
<7> but it's also wildly complex in some respects, so it's not exactly easy to implement
<7> realtek translation, in comparison, is rather trivial
<11> hiya :)
<7> hi
<11> i'm working on a strange file system which doesnt have the traditional 'file name' concept but rather stores a copy of the media metatags (id3, etc) in a central place and uses that to retrieve files.. trying to decide on compatibility with normal applications ;)
<10> nn: AKA database?
<11> undesktop: Sorta
<11> it's in place of the traditional file name lookups
<11> i was thinking for open() that you could do say open("audio/mp3:artist=ja rule,title=always on time", O_RDONLY) or such?
<10> why not put DB queries into the "filename"
<10> however, what if the user wants to _create_ files?
<11> undesktop: same thing type:metadata list
<8> nn: there better be a good search function, then =D
<11> iank: yes, it's in the opendir and such :)
<8> nn: "Ja rule" vs "Ja Rule" vs "ja rule" vs "jarule" vs "ja-rule" vs "ja_rule" and so on
<8> But why would there be any ja rule at all? ;]
<11> iank: that wont happen since it'll be on the metadata so it should all be like ja rule or Ja Rule or similar
<11> iank: it was playing on the stream :P
<8> nn: never ever had a poorly tagged mp3 file, eh? ;]
<11> iank: I fix them or throw them away, but i rip my own stuff nowadays
<8> title: 01, artist: -, album: r1pp3d by s0m3 stup1d k1dd13 1 d0n'7 c4r3 4b0u7.
<2> eieio, etherboot is always a nice reference. the drivers ain't as ugly as in linux for example.
<8> nn: sure, but in that case, you and one other person will be the only user of your filesystem.
<2> minimal implementations basicly
<11> iank: it's more ment to store properly tagged data.. that's an issue i'm having right now too is to tie in-file metadata with the fs metadata
<8> ok, cool.
<8> Have you figured out how you're going to have users register new filetypes? (And be able to specify what sort of metadata goes where, and all that).
<8> It's a pretty cool concept, though =)
<11> iank: that's stuff im trying to get ideas on :) i'm sure you can see how this would be useful
<11> mainly i got frustrated by my mp3 player having to open() each file and scan through it for id3 tags and then build its db
<7> wobster: thanks, i'll check that out. could help as a good usage example. i have access to the chip programming spec, but unfortunately a lot of the complication comes from the nature of hardware translation :-/
<2> eieio, yeah. I plan to work on a rtl9139 driver. It even has a programming guide. Still ugly, of course.
<2> With finest korean-english ;)
<11> Engrish? :P
<7> heh, yeah
<11> i scrapped my entire OS project...
<11> Starting over...
<11> had it running linux apps through the emulation borrowed from fbsd.. but it just was going so far from my design goals
<7> the nice thing, for my situation, about the realtek is that it uses monolithic RX and TX buffers, instead of descriptor rings
<2> eieio, hm, well, rtl8xxx have 4 descriptors. manageable :)
<2> eieio, plus, I need that for netboot in fact. but I cannot copy etherboot because of gpl. soo .. :)
<7> well, yeah, but the descriptors are on the chip, not in memory, like the BC570x has
<7> you could almost think of the BC750x as a coporcessor, it uses bus mastering so extensively
<11> i need to find a nice gigabit ether controller to solder down on this board..
<12> re
<12> nice day today
<7> hi
<11> Hi :)
<11> it is so lovely in both NYC and wv :)
<10> I could print out ECMA 335 and carpet my room with it
<11> I'd rather wipe my arse wif iso 9660 :)
<11> i'm trying to teach her C so she can help me work on my projects
<2> undesktop, it took me weeks to read that **** through
<10> wobster: for what reason did you read it?
<2> you better print that out if you want to read it.
<10> 500 pages and no printer heh
<10> I'm looking if a maybe can abuse the C# compiler for my needs
<2> undesktop, for knowing it.
<10> I
<10> btw, IMHO Microsoft should be punished for it
<10> I thought dotnet would be nice and neat, but... it isn't
<2> undesktop, especially interesting is the stuff about the meta data. i just wanted to check out if it was possible to have JIT'ted drivers for example, running in sandboxes. but the verification stuff would be an enormous amount of code.
<2> I love cli, honestly. and c# is nice too.
<10> wobster: I just don't get why they didn't make it simpler... maybe it grew that way, or they made it complicated intentionally
<10> ie. this whole verification could just be solved if it wasn't stack based but instead would always use locals
<2> undesktop, I don't think java is any simpler.
<2> maybe even more complicated because it eveloved over time.
<2> evolved, even
<10> yeah, but MS could have done better
<2> Dunno. It`s just cool that there's a full spec available.
<10> I think CIL actually is just a Microsoft Java fork, which was so intensively modified, that it looks completely different now :-)
<2> undesktop, it isn't complicated. Not more than anything else you could do to verfiy ops and data before and during runtime
<10> wobster: what about putting the result of verification into the files
<2> undesktop, by the way, you have simpler but less secure alternatives everywhere.
<10> like?
<2> everything else? ;)
<10> not really
<2> well, what do you expect? want introspection API? you need some oberservation. want garbage collection? you need oberservation. want information verfication? you need oberservation... what can I say. matter of fact.
<2> if you do not want all that, use c++, for example.
<13> s/c++/D/
<10> oh well, I just want "secure" code
<13> s/, for example././
<10> that is, memory safe
<11> i jus wanna poop :P
<13> nn: Do it, Fred!
<10> nn: so go ahead
<14> heya
<2> cli is worth it if you got the resources (maybe). at least it`s the peak of platform independency
<13> Heya Marco :)
<2> hello marco_g
<14> wobster: You were looking for me?
<2> marco_g, I missed you.
<13> marco_g: We all missed you.
Return to
#osdev
or
Go to some related
logs:
start metacity etch
#web
gentoo HOWTO_Update_Full_System
#awk
#web
#web
aic7xxx+gentoo+grub
#php
#linux
#linux
|
|