L4.sec status ping

Marcus Voelp voelp at os.inf.tu-dresden.de
Tue Aug 7 08:54:01 CEST 2007

Wei Shen wrote:
> Hi,
> On 8/2/07, *Marcus Voelp* <voelp at os.inf.tu-dresden.de
> <mailto:voelp at os.inf.tu-dresden.de>> wrote:
>     L4.sec is (and probably will be for quite some time) an experiment
>     that
>     is still worked on in our group. Mainly due to maintenance and
>     support
>     issues the sources have not been officially released yet. Our roadmap
>     regarding L4.sec is to continue experimenting with capabilities
>     and user controlled kernel memory management. Some of the results
>     we already integrated into the Fiasco kernel, which is our
>     mainstream kernel as for now. These include kernel memory quotas,
>     security monitor style IPC permissions (though no local names yet). 
> What does "security monitor style IPC permissions" mean? Can it be
> found in current Fiasco release?
Yes, although documentation lacks behind a little bit. Check the IPCMon
package in the OpenTC Snapshot for an example how to use it these kernel
features. Primarily you can restrict the tasks to which a given task may
send IPC.
>     Others are likely to be integrated in some form in the Nova
>     microhypervisor, which we are currently developing in the course
>     of the Robin project. 
> Where can I find information about Nova and Robin? Are there any
> English documentation?

See the Executive summary for a progress report on Robin. A
specification of Robin will be released latest in Mai 2008.

Best regards


Marcus Völp

Technische Universität Dresden
Department of Computer Science
Institute for System Architecture 

Tel: +49 (351) 463 38350
Fax: +49 (351) 463 38284

Email: voelp at os.inf.tu-dresden.de
Web: http://os.inf.tu-dresden.de/~voelp

More information about the l4-hackers mailing list