[cap-talk] Midori in The Register
Venkatesh Srinivas
me at acm.jhu.edu
Thu Aug 7 09:21:52 CDT 2008
On Wed, Aug 06, 2008 at 09:44:43AM -0400, Jonathan S. Shapiro wrote:
>On Wed, 2008-08-06 at 13:58 +0100, Toby Murray wrote:
>> On Wed, 2008-08-06 at 13:04 +1000, J
>> > Driver crashes get blamed on Microsoft Windows, even
>> > though they should not be.
>>
>> Why? In a microkernel, a driver crash is not guaranteed to corrupt the
>> rest of the system, particularly if the kernel has been written to
>> maintain defensive consistency in the face of driver failures, which it
>> should be....
>
>Not so. In the presence of hardware providing physical DMA -- which is
>to say, all current commodity hardware -- it is impossible for the
>operating system to ensure defensive consistency of this form.

On AMD K8+ systems, it could be interesting to use the I/O access
bouncing tricks (from "Beyond the CPU", iirc) to let a kernel defend
itself against evil hardware out to DMA over it. And K8s are even
commodity hardware...
--vs