LCA: Andrew Tanenbaum on creating reliable systems
LCA: Andrew Tanenbaum on creating reliable systems
Posted Jan 18, 2007 17:52 UTC (Thu) by JoeBuck (subscriber, #2330)In reply to: LCA: Andrew Tanenbaum on creating reliable systems by elanthis
Parent article: LCA: Andrew Tanenbaum on creating reliable systems
But the X server (at least large parts of it) is like an extended kernel. It runs as root, accesses the hardware directly, without going through the kernel, so bugs have the same ability to toast your system as the kernel does.
Posted Jan 18, 2007 20:54 UTC (Thu)
by jamesh (guest, #1159)
[Link] (3 responses)
As for intelligent hardware like a modern GPU that can DMA to arbitrary memory locations, his solution was to use the IOMMU to limit where the device could write to. It wasn't clear whether they've implemented use of the IOMMU like this yet.
I've got no idea what impact this would have on performance of graphics operations.
Posted Jan 18, 2007 22:42 UTC (Thu)
by nix (subscriber, #2304)
[Link] (2 responses)
Given the timing-sensitive nature of much port I/O that strikes me as both
Posted Jan 24, 2007 14:01 UTC (Wed)
by kleptog (subscriber, #1183)
[Link] (1 responses)
These days people use memory-mapped I/O so mmap() is what you mostly need.
Posted Feb 2, 2007 13:46 UTC (Fri)
by willy (subscriber, #9762)
[Link]
Well, the Minix setup basically required all IO port access to go through the kernel, and the policies for each daemon would say what it was allowed to access.LCA: Andrew Tanenbaum on creating reliable systems
So Minix I/O port access always involves at least two ring transitions LCA: Andrew Tanenbaum on creating reliable systems
*per port I/O*?
wildly impractical and somewhat dangerous.
On i386 hardware, it's possible to grant an unprivelidged processes access to particular I/O ports, without having to do any ring transitions. On Linux it's the ioperm() function call.LCA: Andrew Tanenbaum on creating reliable systems
Yes, but minix explicitly doesn't do ioperm, it really does call down to the microkernel to do IO port accesses. He talked about how 'evil' mmaped IO was.LCA: Andrew Tanenbaum on creating reliable systems