L4.Sec Microkernel Specification

This site contains information on the Dresden proposal for a next generation microkernel: L4.Sec. L4.Sec is targeted to co-host user-level servers implementing security-critical functionality next to untrusted and potentially malicious software.

The main differences to prior L4 APIs is that L4.Sec addresses both communication control and kernel resource management. The basic mechanism of mapping and unmapping access rights to memory and io-ports has been extended to a mechanism for donating and revoking access to all kernel objects including thread, address spaces, communication endpoints and kernel memory pages and now is the basic mechanism of access control.
Kernel-memory pages are memory pages which have been converted so that they can be used by the kernel. In which kernel-memory page and to some degree at which address objects are allocated can be controlled by an application.


Wed Oct 19 16:34:52 2005
· Copyright © 2001-2010 Operating Systems Group, TU Dresden | Impressum ·