Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Mon, 28 Oct 2002 10:32:43 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Mon, 28 Oct 2002 10:32:43 -0500 Received: from nameservices.net ([208.234.25.16]:3225 "EHLO opersys.com") by vger.kernel.org with ESMTP id ; Mon, 28 Oct 2002 10:32:42 -0500 Message-ID: <3DBD5B26.7CB1D6F8@opersys.com> Date: Mon, 28 Oct 2002 10:43:34 -0500 From: Karim Yaghmour Reply-To: karim@opersys.com Organization: Opersys inc. X-Mailer: Mozilla 4.79 [en] (X11; U; Linux 2.4.19 i686) X-Accept-Language: en MIME-Version: 1.0 To: Daniel Phillips CC: Luca Barbieri , Linux-Kernel ML Subject: Re: [PATCH][RFC] x86 multiple user-mode privilege rings References: <1035686893.2272.20.camel@ldb> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2428 Lines: 45 Daniel Phillips wrote: > Karim once talked about doing a flavor of Adeos that would drop a running > kernel into ring 1 as a result of insmodding an Adeos module, which would > allow Adeos to combine an unmodified Linux kernel with a realtime executive. Yes. The initial Adeos design (http://www.opersys.com/adeos/) spelled out the details for shoving Linux out of ring 0 and into ring 1 without modifying it. It would still have access to its page tables, but it wouldn't be allowed to use some key instructions (including cli/sti). In that scenario, the nanokernel would be the only thing running at ring 0, everything else would run in ring 1 and above. This includes all non-Linux OSes (see the Adeos paper for complete details). Though this is fine, it is very hardware dependent. Last I checked, for example, few archs have 4-level rings. If we're assuming all archs are going to act/look like x86, it may be worth the effort, but I'm not sure this is a safe bet. (Which doesn't mean some people can't find this useful, there's been at least one debugger that follows this method: http://marc.theaimsgroup.com/?l=linux-kernel&m=102675847422778&w=2) Instead, it's more interesting to run each OS copy in its own separate physical address space in priviliged mode over Adeos. This implies a few assumptions, but "in Linux we trust" (i.e. it's not doing any random physical accesses, and if it is, then it needs to be fixed). The other OSes, such as emulated WinXYZ, can also have their own physically separate address space and run in unpriviliged mode (ring 1 or worse; depending on your willingnes to implement appropriate handlers for the faults generated by the OS not running in its intended ring 0). Have a look at the "Practical SMP clusters document" at the URL above for a discussion of a relatively simple method to get multiple copies of Linux running side-by-side each in their own separate physical address space and all linked through Adeos. Karim =================================================== Karim Yaghmour karim@opersys.com Embedded and Real-Time Linux Expert =================================================== - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/