SAS and mapping descriptors

Bryan Ford baford@schirf.cs.utah.edu
Mon, 05 Dec 94 23:20:43 MST 

>   It's known that those mappings can't possibly conflict with any
>   of the other mappings that I _do_ want to access, so the sender
>   can't violate my integrity.
>
>Wait!  I'm not assuming a SAS!

You don't have to.  There can be "few address spaces" rather than
"single address space", or processes can have part of their address
space be shared and the rest private, or whatever.  All you need from
the microkernel to provide the necessary guarantees is something like
the "SAS compositor" I mentioned earlier, which ensures that mappings
you insert are part of the right address space and therefore won't
cause security problems.

>   ...these MMU table resources are generally
>   implemented as caches anyway, so they can be dynamically thrown away and
>   reallocated to map other parts or memory.
>
>I was moving towards a model in which page frames are accounted
>resources, and that would include page frames used for memory mapping
>tables.  Making MMU tables be cached certainly simplifies things, but
>it raises issues of RT guarantees w.r.t. mapping table reconstruction
>that make me resist it.

Actually, I've been envisioning sort of a hybrid approach, where the
physical pages holding MMU tables are tracked and managed just like
ordinary physical pages that cache other types of data, but they're
"backed" by a special "pager" that knows it can simply throw away the
MMU table data if it gets paged out.  Hence, ordinary aging algorithms
and such would work fine.  And if you can make RT guarantees about the
way ordinary physical pages are managed, you can make RT guarantees
about the way pages holding MMU tables are managed, in exactly the
same way.  (For example, if you want to you can set things up so the
MMU tables will never get paged out.)

>   ...There are now tools,
>   some of which were developed here, that allow arbitrary structured
>   data to be automatically massaged as necessary when pieces of DSM are
>   transferred across heterogeneous nodes.  So, for example, you could
>   share a single address space between a big-endian PA-RISC machine and
>   a little-endian i386.  Sharing between machines with different word sizes
>   would be more difficult...
>
>Can you point me to any papers on this?

Check out the papers on DSM and GOOFIE, available from our main flexmach
URL: "http://www.cs.utah.edu/projects/flexmach/index.html".
I just talked with John Carter, and they're not planning to do anything
on combining GOOFIE with DSM in the near future, just because they've
got a ton of other stuff to do.  But if you or someone else wanted to... :-)

					Bryan