No problem - Itanium has the architecture you need. You can isolate all the physical memory into compartments controlled by a protection key. Each compartment has the ability to individually control read, write and execute privileges.
Peter
[EMAIL PROTECTED]

-----Original Message-----
From: Paul A Houle [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 09, 2005 1:07 PM
To: [email protected]
Subject: Re: pgp trust for https?

Peter J. Cranstone wrote:

>Currently Windows, Linux and Unix only use two levels of privilege - Ring 3
>and Ring 0. Everybody and their uncle's code wants to run at Ring 0. Another
>really bad idea, as once I introduce a network/video/keyboard/whatever
>driver at that level I can execute malicious code. From there I can control
>the machine.

You'd need a new hardware architecture for ring 1 drivers to be worth it. The trouble is that drivers can initiate DMA operations against physical memory. Unless you devise some system where the OS can veto DMA operations, protection in the CPU is worthless.
