dynamic reconfiguration

ba_f ba_f at rbg.informatik.tu-darmstadt.de
Mon Aug 8 12:32:02 CEST 2016 

Am 2016-08-05 15:08, schrieb Matthias Lange:
> Hi,
> 
> On 08/04/2016 03:05 PM, ba_f wrote:
>> But, is it also possible to do some configuration during run-time i.e.
>> dynamic reconfiguration?
>> Here are two examples I can think of:
> 
> Well, it depends ...
> 
>> - IPC-Channels: Instead of defining Server and its Clients in conf.cfg
>> statically, is it possible to create IPC-Channel during run-time? 
>> Let's
>> say, I have a L4re-App in conf.cfg defined as IPC-Server but, no
>> Clients, yet. Now, may any L4re-App create a IPC-Channel by itself and
>> such link to that IPC-Server?
> 
> The answer is 'Yes.' and 'No'. The answer to the first question is that
> this is exactly what ned is doing. Ned creates an IPC gate object and
> maps it into the tasks as specified in the provided Lua configuration.
> 
> The second is not possible for multiple reasons. The first one is, that
> the server side already needs the IPC gate object to bind its server
> loop to. Another task has no means to "lookup" the existing IPC gate
> object. In fact that's the idea behind a capability system.

So, what you are saying is this: In fact, Ned maps the IPC-Channels at 
run-time but practically, one has to configure all IPC-Channels possible 
in Lua.cfg, statically.
An ordinary L4Re-App is not able to link to an IPC-Server App if this 
channel hasn't been configured in Lua.cfg, right?
In this case, the L4Re-App also cannot manipulate Ned or something at 
run-time to create an IPC-Channel, afterwards.


>> - New Tasks: Is a L4re-App able to create a new task? I.e. push a 
>> thread
>> into its own address-space? The new task would require some access
>> rights, too.
> 
> Yes. Ned and L4Linux are just two examples doing this.

Interesting.
Can you give an example why and when L4Linux is doing this, please?

As L4Linux is just an "ordinary" L4Re-App I assume that any L4Re-App can 
create new tasks, don't they?
Or, do I have to configure such L4Re-Apps with specific rights, 
statically in Lua.cfg or something?

Now, what about the security issues?
Let's say L4Linux creates a new Task "Child".
Does "Child" have the same access rights as L4Linux has, only?
Or, may L4Linux even give enhanced access rights to "Child"?
E.g. "Child" could be a HW-Driver and such would require access rights 
to some HW-Address.



> Best,
> Matthias.

Thanks Matthias,

ba_f

More information about the l4-hackers mailing list