[okl4-developer] L4.sec status ping

Jorge Torres jorge.torres.maldonado at gmail.com
Tue Aug 7 23:18:31 CEST 2007


Hi,

Shouldn't IPC restrictions and such be implemented on top of L4, in some OS
personality?

Thank you,

Jorge

On 8/7/07, Gernot Heiser <gernot at nicta.com.au> wrote:
>
> >>>>> On Tue, 7 Aug 2007 13:26:58 +0800, "Wei Shen" <cquark at gmail.com>
> said:
> WS> Hi,
> WS> On 8/3/07, Gernot Heiser <gernot at nicta.com.au> wrote:
>
> WS>     The commercial OKL4 microkernel is converging on the seL4 API, it
> WS>     presently contains simplified versions of IPC control and all
> kernel
> WS>     resource allocation is under control of a user-level policy
> server. It
> WS>     should implement a full seL4 API probably sometime next year.
>
> WS>     Gernot
>
> WS> I have several questions:
> WS> 1)What does "simplified versions of IPC control" refer to?
>
> There is a privileged IpcControl() syscall that allows you to set IPC
> restrictions on an address space (send anywhere, send anywhere except
> some, send only to some).
>
> WS> 2)"all kernel resource allocation is under control of a user-level
> policy
> WS> server" - does the user-level policy server refer to Iguana?
>
> As far as the kernel is concerned, it's the root task. In the OKL4
> system the root task is Iguana.
>
> WS> 3)Can these features you noted be found in current Pistachio-e and
> Iguana
> WS> release? All they belong to close-source part of OKL4?
>
> They are in the released open-source OKL4l, and nicely documented in
> the very extensive (260 page) OKL4 Microkernel Programming Manual
> available at http://portal.ok-labs.com/
>
> There is no closed-source part of OKL4, other than platform code that
> is specific to proprietary customer hardware. However, there is a
> release backlog (sorry). Nevertheless, what you are asking for is
> released, supported, deployed by commercial customers, and open
> source.
>
> Gernot
>
> _______________________________________________
> l4-hackers mailing list
> l4-hackers at os.inf.tu-dresden.de
> http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://os.inf.tu-dresden.de/pipermail/l4-hackers/attachments/20070807/b87ae42b/attachment.html>


More information about the l4-hackers mailing list