L4.Sec Microkernel Specification
This site contains information on the Dresden proposal for a next
generation microkernel: L4.Sec. L4.Sec is targeted to co-host
user-level servers implementing security-critical functionality next
to untrusted and potentially malicious software.
The main differences to prior L4 APIs is that L4.Sec addresses both
communication control and kernel resource management. The basic mechanism
of mapping and unmapping access rights to memory and io-ports has been
extended to a mechanism for donating and revoking access to all kernel
objects including thread, address spaces, communication endpoints and
kernel memory pages and now is the basic mechanism of access control.
Kernel-memory pages are memory pages which have been converted so that
they can be used by the kernel. In which kernel-memory page and to some
degree at which address objects are allocated can be controlled by an