home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.sys.amiga.misc
- Path: in1.uu.net!xenitec!focsys!wayne
- From: wayne@focus-systems.on.ca (Wayne Fisher)
- Subject: Re: OS features
- Message-ID: <DM4Etu.49K@focus-systems.on.ca>
- Organization: Focus Automation Systems Inc.
- References: <4aj1tc$39r@candelo.dpie.gov.au> <1058.6591T492T1743@cycor.ca> <DLnqBB.DuD@focus-systems.on.ca> <4e442t$4ve@serpens.rhein.de>
- Date: Thu, 1 Feb 1996 23:34:42 GMT
-
- In article <4e442t$4ve@serpens.rhein.de>,
- Michael van Elst <mlelstv@serpens.rhein.de> wrote:
- >wayne@focus-systems.on.ca (Wayne Fisher) writes:
- >
- >>I don't understan this line of thinking. With a MMU, you can add
- >>memory protection and virtual memory (not including paging to disk)
- >>with a minimal amount of overhead to the system.
- >No, you can't.
-
- My opinion is that it can be done.
-
- >>We're only talking
- >>single digit percentages here.
- >We are talking 10-100% depending on the system function.
-
- I wouldn't expect this. I would expect that most system calls would be
- hit with less than 10% overhead with a few at more than that. IMHO,
- average would be less than 10%.
-
- I'll admit that I haven't done any large programs under AmigaOS but I
- can't see why the overhead would be an order of magnitude more than
- most other OSs.
-
- The machine I use at work is a fully protected OS running on
- 80[345]86s. It supports virtual memory but doesn't page to disk. It's
- realtime and has incredible context switch times. Overhead from memory
- protection cannot be very high.
-
- >>although that is a natural extension to it. By virtual memory, I mean
- >>giving all programs a contiguous address space independant of other
- >>programs.
- >This breaks 99% of all programs.
-
- Maybe if you include games but they break on almost any machine that
- is capable of memory protection anyways.
-
- And if this was true, I doubt that GigaMem would exist. Nor would it
- work with a number of large commercial applications.
-
- >>Neither of these features affects the realtime nature of the machine.
- >You bet... It affects speed.
-
- What does speed have to do with realtime. Faster just means you can do
- more in the same amount of time - it isn't a requirement for realtime.
-
- >> - protect code from writes.
- >That's no problem.
-
- >> - protect unallocated memory from any accesses.
- >MMU granularity forbids this. You cannot trap accesses to partially
- >allocated pages.
-
- Memory would be allocated to program on a page basis. Sure, you can't
- protect the memory that malloc() hasn't used yet but you can catch
- stray accesses to that 8MB chunk that doesn't belong to anyone.
-
- >> - protect any ROMs from writes.
- >That's code and hardly matters. But protecting all the I/O addresses
- >would help.
-
- Well, it matters if the OS is going to catch it or not.
-
- >> - new programs' code and data would be protected from access by another
- >> process unless explicitly allowed by the program.
- >Kills close to all system functions. You had to write a completely new
- >AmigaOS.
-
- Remember, OS code can be 'priviledged' and access everyone's data. The
- biggest thing as far as programs go is in passing messages between
- each other.
-
- And yes, there would have to be some work done on AmigaOS to handle
- access to program data.
-
- >> - option to kill offending process or simply log the offence.
- >Pretty difficult. It requires some conventions on how to allocate resources.
-
- At first, it could operate similar to the "suspend" operation of the
- software failure requestor. It could return memory that was private
- and leave it at that. Anything allocated as shared would have to
- remain around.
-
- Later OS revisions could expand on this and on what memory is
- protected and how.
-
- >>"much more"? I don't think a few percentages is "much more".
- >
- >You forget that memory protection is nothing if you cannot protect
- >the system from invalid parameters to system functions. Most system
- >functions however use shared data structures.
-
- Invalid parameters is different from memory protection, at least IMO.
- What does memory protection have to do with passing a value of 1111 to
- a function that expects something in the range 0-255?
-
- Either force shared data to be explicitly allocated by the program as
- shared to work out a way to let the OS do it. No question, some though
- and work would be required here.
-
- >>And I
- >>don't see how it's going to change the whole concept of the Amiga.
- >
- >Close to everything in the system would have to be changed from using
- >shared data to anonymous handles. Each handle has to be checked for
- >validity.
- >
- >The whole concept of device drivers had to be changed.
- >BOOPSI is dead.
- >System hooks are dead.
-
- I'll admit that I'm not familiar with this area of the OS. However,
- device drivers could become a priviledged part of the OS when they are
- activated.
-
- >>It
- >>just means that you can't pass pointers between processes and the
- >>machine becomes more stable.
- >
- >Unfortunately most parameters are passed by pointers. You do have
- >to change everything.
-
- No change as far as the function prototypes of the API are concerned.
-
- Remember, I'm not asking for it all at once. Start with the "easy"
- stuff and work up from there. We might not be able to plug all the
- holes but maybe we can get all those below the water line.
-
- > Michael van Elst
-
- Wayne
-
- --
- Wayne Fisher, Software Engineer | Focus Automation Systems, Inc.,
- wayne@focus-systems.on.ca | 3-554 Parkside Drive,
- #include <stdDisclaimer.h> | Waterloo, Ontario. N2L 5Z4
- We engineer innovative imaging solutions. | (519) 746-4918
-
