[Info-vax] CRTL and RMS vs SSIO

[Lawrence D’Oliveiro]

On Thursday, October 14, 2021 at 7:14:08 AM UTC+13, Simon Clubley wrote:
>
> On 2021-10-12, Lawrence D?Oliveiro <lawren... at gmail.com> wrote:
>
>> On Wednesday, October 13, 2021 at 9:54:14 AM UTC+13, Stephen Hoffman wrote: 
>>
>>> The DEC OpenVMS advanced development group did do a prototype of 
>>> OpenVMS on Mach a ~quarter-century ago. 
>> 
>> Yeah, but Mach is a microkernel, with all the downsides that microkernels have. 
> 
> Microkernels have moved on and microkernels have massive security advantages.

Counterexample: Intel’s infamous Management Engine that exerts total control over its CPUs, that the OS cannot bypass, runs microkernel-based MINIX, and turned out to have massive security holes in it.

So the idea that microkernels have real-world security advantages is pretty dubious at best.

> BTW, QNX, which is a RTOS with a massive user base, is microkernel based.

I think it’s getting pushed aside by Linux in some areas. Remember NASA’s Mars copter? Yup, that was the first time running Linux and a bunch of other open-source software on another planet.

>>> Possible areas where kernel modifications might necessary? Linux memory 
>>> management is thoroughly two-ring, and OpenVMS expectations are 
>>> four-ring. Do you drop those areas from OpenVMS, and force app source 
>>> code changes? 
>> 
>> Where is there app code that cares about this? 
>> 
> 
> Any program that interacts with DCL for one simple example.

The fact that DCL runs in supervisor mode is an internal implementation matter. It could be replaced by a thread or an entirely separate process (even a privileged one), for example, and what difference would that make to user-mode code?

> In the current VMS design, you can't move DCL into user mode, or allow 
> user-controlled code to execute in DCL's supervisor mode, without ending 
> up with an operating system that has all the security of MS-DOS.

Yes, but as far as I know there is no user-controlled code in DCL.