Naive question about grant/map
Andreas Haeberlen
ahae at cs.rice.edu
Fri Dec 5 19:13:57 CET 2003
Hello Espen,
>[Jonathan S Shapiro]
> > I am looking for a sequence in which A maps to B and B ??? to C and
> > the result would look like:
> > A -> B
> > A -> C
> > Also, I forgot to ask: is there some reason why such an operation
> > would be inadvisable?
>Another (perhaps minor) problem I see with this scheme is that if/when
>we introduce management of kernel memory from user-level [1], there
>might be a problem of accounting. For each mapping there is a
>"mapping node" in the in kernel mapping database. Upon a map
>operation, the memory for this mapping node can be accounted to either
>the mapper or the mappee. If memory is accounted to the mappee there
>is no problem with your new ??? operation.
If the mapping node is accounted (and exported) entirely to the mappee,
then validating it when it is re-imported from user level becomes
a very hard problem. This is why I suggested splitting the mapping
nodes into two separate parts, which can be validated against each
other (in my thesis, Section 4.7.3).
However, there is another solution: Assume the current mapping
is A->B, and B wants to pass the object on to C without retaining the
ability to revoke it later. Then B can simply request a _second_
mapping from A and grant that one to C. The first step would look
like this:
A -> B (at address b1) Accounting: A 0.5 B 0.5
A -> B (at address b2) Accounting: A 0.5 B 0.5
After B has granted the object at address b2 to C, the situation
changes as follows:
A -> B (at address b1) Accounting: A 0.5 B 0.5
A -> C (at address c1) Accounting: A 0.5 C 0.5
In this scenario, B and C are charged with half a mapping node for
each mapping they own. A is charged with a full mapping node,
but since it knows that B requested both mappings, it can ask B
for compensation.
- Andreas
More information about the l4-hackers
mailing list