Wei Shen wrote:
Hi,
On 8/2/07, *Marcus Voelp* <voelp@os.inf.tu-dresden.de mailto:voelp@os.inf.tu-dresden.de> wrote:
L4.sec is (and probably will be for quite some time) an experiment that is still worked on in our group. Mainly due to maintenance and support issues the sources have not been officially released yet. Our roadmap regarding L4.sec is to continue experimenting with capabilities and user controlled kernel memory management. Some of the results we already integrated into the Fiasco kernel, which is our mainstream kernel as for now. These include kernel memory quotas, security monitor style IPC permissions (though no local names yet).
What does "security monitor style IPC permissions" mean? Can it be found in current Fiasco release?
Yes, although documentation lacks behind a little bit. Check the IPCMon package in the OpenTC Snapshot for an example how to use it these kernel features. Primarily you can restrict the tasks to which a given task may send IPC.
Others are likely to be integrated in some form in the Nova microhypervisor, which we are currently developing in the course of the Robin project.
Where can I find information about Nova and Robin? Are there any English documentation?
See the Executive summary for a progress report on Robin. A specification of Robin will be released latest in Mai 2008.
Best regards
Marcus