[Info-vax] New filesystem mentioned

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Thu May 16 19:24:02 EDT 2019 

On 2019-05-16 18:24:44 +0000, Robert A. Brooks said:

> On 5/16/2019 2:10 PM, Dave Froble wrote:
> 
>> I should shut up now, but let me ask, does getting loaded as part of 
>> the OS boot indicate that all such modules are part of the kernel?
> 
> "The kernel" is composed of any number of execlets.
> 
> While a distinction may be drawn between "the kernel" and "a device 
> driver", from a practical standpoint, it's a very narrow distinction, 
> especially when you consider the difference between a port driver 
> (which touches hardware) and a class driver, which is concerned with 
> higher layer stuff, like DKDRIVER, which is the SCSI class driver.
> 
> Then there is the shadowing driver . . .


In more general terms, all of the loadable bits and all of the driver 
bits and all of the supervisor-, executive-, and kernel-mode system and 
app code is all considered part of the so-called trusted computing base 
(TCB), as it's all necessarily trusted.

Buggy or malicious or vulnerable code in a driver, or in an execlet, or 
in a user-written system service, or in the base image, can corrupt and 
can compromise and can crash OpenVMS.

Anybody remember that floating point register corruption in that device 
driver interrupt routine that arose a while back?  That was fun.  Not.  
Some device driver code was corrupting floating point register data, 
and which could then be benign or catastrophic, depending on what other 
code had been interrupted, and what that other code was storing in the 
effected registers.

Rather than (mostly) sharing the same address space, another operating 
system design approach involves formalizing the interfaces among the 
various modules, to scale down the kernel to the message-passing and 
some related features, and to run many of the operating system 
functions in what amount to processes.   This design was quite slow, 
but performance of the message-passing has gotten significantly faster 
due to better software designs and due to faster processors, and the 
increasing numbers of cores available also helps here.

This design can be implemented in the operating system:

https://www.systems.ethz.ch/sites/default/files/file/aos2012/slides/06-MicrokernelsAndIPC.pdf 

https://ts.data61.csiro.au/publications/nicta_full_text/8988.pdf
http://l4hq.org/docs/manuals/l4uman.pdf
https://web.archive.org/web/20171110115139/http://www.sture.ch/vms/Usenix_VMS-on-Mach.pdf 



...Or a somewhat similar design can be implemented in the app and 
networking software:

http://erlang.org/download/armstrong_thesis_2003.pdf  (RIP)
https://learnyousomeerlang.com





Debates over the existence of loadable modules and of the fun that can 
be the single kernel address space and of the trade-offs of modular and 
hybrid and monolithic kernel designs aside, call back when new file 
systems can be loaded into the kernel, and other new file systems can 
be loaded into user space.



-- 
Pure Personal Opinion | HoffmanLabs LLC

More information about the Info-vax mailing list