[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A Question to throw at you guys

From: olafBuddenhagen
Subject: Re: A Question to throw at you guys
Date: Wed, 15 Nov 2006 17:11:55 +0100
User-agent: Mutt/1.5.13 (2006-08-11)


On Wed, Nov 15, 2006 at 04:09:01AM +0000, Justin Emmanuel wrote:

> The original thought that I had was, wouldn't it be cool if:
> The DDL was compiled to a byte code (This allows for closed source
> drivers).

No thanks, we don't want nonfree drivers. If your framework simplifies
creating those, that's a major disadvantage in our view.

> The byte code would be used by the OS to 'learn' to build the driver
> code itself.

Well, we do understand that your idea is to have a trusted compiler.
(Just like in Singularity.) Only we don't see any advantage in such an

> Nothing direct from the outside would be placed directly against the
> hardware and the drivers should be fully held to account at every
> step.

Seems it wasn't clear enough in the previous replies, so I'll try again:

There are only two possible situations. Either the hardware device in
question is nice, and it's possible to give the driver access to safe
resources only. If so, traditional process boundaries are perfectly
sufficient to enforce security, totally independant of the language
and/or compiler used.

Or the hardware is inherently dangerous. In this case, no kind of
checking can help.

Trying to enforce some policy on drivers by a special language and
trusted compiler is really pointless, sorry.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]