The concept goes something like this. I don't want people writing code that runs directly against my hardware. They can make mistakes; they can put in bugs; maybe they are generally just a security risk and try to access things that have nothing to do with the device that they are meant to.
One answer is to make them user-space drivers; this is a good idea. You can then lock them down a bit. Then they will only run with the authority of the user, or if you use capabilities, you can lock them down further. However, drivers still take specialist kernel programming knowledge even when written in user space. What if the only thing that wrote drivers was the kernel itself?
What if a DDL (Driver Description Language) framework could be devised that was easy to learn and write for, included modern mechanisms to capture programming errors, and was only allowed to be linked to the device that it was to be operating? System policies can be applied because it is the kernel itself that is writing the code. Once the DDL Driver is written, it could actually be portable??? A driver that, once written, can run on a bunch of different OSes without ANY changes?
Having never written a driver myself, I don't know if this is a complete load of baloney. So, I will throw it out to you guys. I am interested in what you guys think. Is this possible? Has anyone ever done any work on it?
So to summarise:
Qualified User installs DDL Driver
System Recognises DDLD
System Compiles DDLD
System Uses Driver
Feasible?
_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd
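The post sketches a pipeline (install description, system recognises it, system checks and compiles it, system uses the result) without showing what the "system policies" step could look like. The following is an added example, not code from the post or from any L4/Hurd project: a toy declarative driver description is validated against the device it is bound to before anything is generated, so the description can only name registers inside that device's own MMIO window and cannot write to registers the map marks read-only. The device, its register layout, and the names `Device`, `DDL_SAMPLE`, `validate_ddl` and `compile_ddl` are all constructed for illustration.

```python
"""Toy "driver description language" validator and compiler (added example).

The system, not the driver author, decides what the description may touch:
every register must lie inside the bound device's MMIO window, accesses must
be naturally aligned, and the init sequence may only write writable registers.
Only after these checks pass is an accessor object produced, and that object
can address the device solely through the validated register map.
"""
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Device:
    """A device as the system knows it: one MMIO window (values constructed)."""
    name: str
    mmio_base: int
    mmio_size: int
    # Emulated register window standing in for real MMIO.
    mem: bytearray = field(init=False)

    def __post_init__(self) -> None:
        self.mem = bytearray(self.mmio_size)


# Constructed description: a register map plus a declarative init sequence.
DDL_SAMPLE: Dict = {
    "device": "demo-nic",
    "registers": {
        "CTRL":   {"offset": 0x00, "width": 4, "access": "rw"},
        "STATUS": {"offset": 0x04, "width": 4, "access": "ro"},
    },
    "init": [("write", "CTRL", 0x1), ("read", "STATUS")],
}


def validate_ddl(ddl: Dict, dev: Device) -> List[str]:
    """Policy checks applied before any driver code is generated."""
    errors: List[str] = []
    if ddl["device"] != dev.name:
        errors.append(f"description targets {ddl['device']!r}, bound device is {dev.name!r}")
    for name, reg in ddl["registers"].items():
        end = reg["offset"] + reg["width"]
        if reg["offset"] < 0 or end > dev.mmio_size:
            errors.append(f"{name}: offset 0x{reg['offset']:x} width {reg['width']} "
                          f"out of range for window of 0x{dev.mmio_size:x} bytes")
        if reg["offset"] % reg["width"] != 0:
            errors.append(f"{name}: unaligned access")
    for op in ddl["init"]:
        kind, reg_name = op[0], op[1]
        reg = ddl["registers"].get(reg_name)
        if reg is None:
            errors.append(f"init: unknown register {reg_name!r}")
        elif kind == "write" and reg["access"] == "ro":
            errors.append(f"init: write to read-only register {reg_name}")
    return errors


class CompiledDriver:
    """Accessors bound to one validated map and one device window."""

    def __init__(self, ddl: Dict, dev: Device) -> None:
        self._regs = ddl["registers"]
        self._init_ops = ddl["init"]
        self._dev = dev

    def _slice(self, name: str) -> slice:
        reg = self._regs[name]  # KeyError for anything outside the map
        return slice(reg["offset"], reg["offset"] + reg["width"])

    def read(self, name: str) -> int:
        return int.from_bytes(self._dev.mem[self._slice(name)], "little")

    def write(self, name: str, value: int) -> None:
        reg = self._regs[name]
        if reg["access"] == "ro":
            raise PermissionError(f"{name} is read-only")
        self._dev.mem[self._slice(name)] = value.to_bytes(reg["width"], "little")

    def init(self) -> None:
        for op in self._init_ops:
            if op[0] == "write":
                self.write(op[1], op[2])
            else:
                self.read(op[1])


def compile_ddl(ddl: Dict, dev: Device) -> CompiledDriver:
    """Refuse to produce a driver unless the description passes policy."""
    errors = validate_ddl(ddl, dev)
    if errors:
        raise ValueError("; ".join(errors))
    return CompiledDriver(ddl, dev)


if __name__ == "__main__":
    nic = Device("demo-nic", mmio_base=0xFE000000, mmio_size=0x100)
    driver = compile_ddl(DDL_SAMPLE, nic)
    driver.init()
    print("CTRL after init:", hex(driver.read("CTRL")))
```

Because the compiled object only exposes `read`/`write` by register name, a description has no way to express an address outside the window it was validated against; portability across systems then reduces to each system supplying its own `Device` binding and `compile_ddl` back end for the same description.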
