home *** CD-ROM | disk | FTP | other *** search
- Path: comma.rhein.de!serpens!not-for-mail
- From: mlelstv@serpens.rhein.de (Michael van Elst)
- Newsgroups: comp.sys.amiga.misc
- Subject: Re: OS features
- Date: 24 Jan 1996 23:17:29 +0100
- Organization: dis-
- Message-ID: <4e6b5p$aet@serpens.rhein.de>
- References: <4aj1tc$39r@candelo.dpie.gov.au> <13213430@sourcery.han.de> <wfblanDL60p0.D0y@netcom.com> <1058.6591T492T1743@cycor.ca> <DLnqBB.DuD@focus-systems.on.ca> <4e442t$4ve@serpens.rhein.de> <4e657d$2db@news.rhrz.uni-bonn.de>
- NNTP-Posting-Host: serpens.rhein.de
-
- fasten@zeus.informatik.uni-bonn.de (Bernhard Fastenrath) writes:
-
- >Maybe not. Let's say (as you suggested earlier) that some subsystems
- >(e.g. Intuition) have the permission to read and write any memory region.
-
- Not any region, just some regions from clients of the library.
-
- >Intuition functions would have to check if the pointers received from
- >process A point into A's memory and, of course, if they are consistent
- >and don't corrupt Intuition's internal data when used (That's a good piece
- >of work for the programmers and for Intuition at runtime but I guess it's
- >possible).
-
- I guess it is not feasible because it is too much overhead.
-
- >Programs which want to browse internal data structures of Intuition are
- >either given permission or fail.
-
- This requires even finer protection spaces as you may want them to
- access _some_ Intuition data, even to _modify_ Intuition data but
- just not everything that Intuition manages.
-
- >How about this: Write access to a data structure shared between a process
- >and Intutition marks the data structure as dirty and Intuition has to
- >perform consistency checks again before using it.
-
- Even slower.
-
- >Device drivers would have to be a subsystem with the license to kill
- >(read/write everything).
-
- One possibility but that requires new drivers too because none of them
- check the buffer adresses passed to them.
-
- >System hooks would be restricted to programs
- >which were given special permission.
-
- Unfortunately the whole object oriented GUI consists of "system hooks".
-
- >Old programs could use one address space and pass pointers as much as
- >they want to.
-
- That's not really a solution. The end of this idea is to write a completely
- new OS and run AmigaOS as an emulation. I don't think that this is worth
- any effort.
-
- >Maybe if A calls PutMsg() it gives the receiving process B
- >the permission to read/write its memory.
-
- Can't be done with message granularity. Any communication would
- be again completely unprotected. Even more, any program can send
- messages to any other program this way.
-
- >New programs could
- >also use PutMsg() but they'd allocate the message from a special pool
- >and the other task receives only read/write permission for this pool.
-
- Yes. This has to be the way.
-
- >The private memory of new programs wouldn't have to be in the global
- >address space.
-
- Yes. But communication of old and new programs make this difficult. You
- need a geometric mapping (i.e. global address space is in the first 1GB,
- private addresses are in the second 1GB, or similar), otherwise you
- run into cases where communication is not possible because address spaces
- overlap.
-
- >Another difference between old and new programs could be that the memory
- >of old programs must not be swapped while new programs can decide for
- >each of their pools if it has MEMF_SWAP set or not.
-
- I suggest that old program can be tagged to allow some or all of their
- segments and memory allocations to be swapped out.
-
- >PS.: #define MEMF_PUBLIC 0
-
- Something like that, yes :)
-
- --
- Michael van Elst
-
- Internet: mlelstv@serpens.rhein.de
- "A potential Snark may lurk in every tree."
-
