[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MiNT] Where shall we go tomorrow?

To: Hartmut Keller <keller@informatik.uni-stuttgart.de>
Subject: Re: [MiNT] Where shall we go tomorrow?
From: "Konrad M. Kokoszkiewicz" <draco@obta.uw.edu.pl>
Date: Mon, 13 Dec 1999 20:44:32 +0100 (CET)
Cc: mint@fishpool.com
In-reply-to: <3851910B.ABB60BE4@informatik.uni-stuttgart.de>
Sender: owner-mint@fishpool.com

> 3. Keep a special small 68000-optimized kernel and update it from time
>    to time

<snip>
 
> the 68000 kernel to the current state of the standard kernel. So I would 
> strongly discourage solution 3. Moving 68000 support to a different 
> development level is more or less the same as discarding the 68000
> support at all (at least in the long term).

Strictly speaking, that wasn't the intention. The intention behing the
"68k kernel" was to modify the common source tree so that compiling 68k
target would produce a 68000 optimized kernel rather than generic one
(exactly like target 030 produces less or more 68030-optimized kernel).
Nothing more, nothing less. It does not mean, in particular, that there
would be a separate source tree for 68000 kernel.

The "only" problem is that we loose unversal MiNT installer then (the
installer like KGMDINST.TOS is in fact the generic 68000 MiNT kernel,
obviously).

> About the security discussion: The goal of the MiNT development should
> be to eliminate all programs that need to use supervisor mode. If this
> goal is achieved, then the super calls can be blocked completely. If
> there 
> is no other way to leave user mode (e.g. by hooking in any trap or
> exception
> routine) then the system can be made very secure and stable. I know, at

Or we cannot blame applications for crashes anymore :)

> we provide three levels of security in the kernel, e.g. switchable by
> some settings in the MiNT configuration: 1. Low security using no 
> restrictions on super calls. This is the state we have now. 2. High 
> security allowing no super calls at all. This is the final goal. 
> 3. A medium security level informing about processes doing the super 
> calls, so that users can decide if they need the tool/application or
> not, 
> but still allowing them to run. This is an inbetween state between 1.
> and 2.

Something like that has been already done (year or two ago). The main
problem is that also specific MiNT programs like to get into supervisor,
because they are linked with MiNT Library, and the MiNT Library up to
patchlevel 46 *loved* to use Super() and Supexec() calls. The lib is
fixed, but binaries remain.

--
Konrad M.Kokoszkiewicz
|mail: draco@atari.org                  |  Atari Falcon030 user   |
|http://www.obta.uw.edu.pl/~draco/      | Moderator gregis LATINE |
|http://draco.atari.org                 |       (loquentium)      |

** Ea natura multitudinis est,
** aut servit humiliter, aut superbe dominatur (Liv. XXIV,25)
*************************************************************
** U pospolstwa normalne jest, ze albo sluzy ono unizenie,
** albo bezczelnie sie panoszy.

References:
- [MiNT] Where shall we go tomorrow?
  - From: Hartmut Keller <keller@informatik.uni-stuttgart.de>

Prev by Date: Re: [MiNT] expanded /proc vs new /kern
Next by Date: [MiNT] mintsetter 3.9
Previous by thread: Re: [MiNT] Where shall we go tomorrow?
Next by thread: [MiNT] DHCP and Ident
Index(es):
- Date
- Thread