John, > I do not plan to argue this further in advance. :-) It wasn't in my intention to argue anything. Just knowledge exchange. > In a microkernel drivers could have their own global namespace and not have >direct access to memory. As long as the processor doesn't provide any specific mechanism to protect the memory access from itself - I mean here "kernel-mode" - namespace or not the code executing in kernel mode will do whatever it wants with the memory. Even if the driver has not direct access to memory some other code has to have it. The driver will request memory modification via a message. If the request is malicious the executing part has no way to know it. Or if it does it means the memory management is in kernel mode - and this is no longer a microkernel ... In my opinion the solution is not to isolate the memory access from the executing code but to provide some protection mechanism in H/W. The MMU does half this work today. It remains to invent the other half. I thought you were aware of such mechanism when I asked you to elaborate... Anyhow, thanks for sharing. Cheers, Stephan. -- To unsubscribe from this list: send an email with "unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx Please read the FAQ at http://kernelnewbies.org/FAQ
