l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Questions about the device driver framework

From: Peter 'p2' De Schrijver
Subject: Re: Questions about the device driver framework
Date: Fri, 21 Jan 2005 14:01:58 +0100
User-agent: Mutt/1.5.6+20040907i 
On Fri, Jan 21, 2005 at 12:00:13PM +0100, Bas Wijnen wrote:
> Daniel Wagner wrote:
> >>Does all drivers trust each other?
> >
> >
> >Nope they don't have to but at some point its getting a bit tiresome
> >not to trust the device drivers.  Of course you have to be careful
> >from where new drivers are loaded but as soon a driver gets active in
> >the ddf it has access to all hardware resources.  So there is no point
> >in creating a 'secure' environment.
> 
> Are you saying that if I want to write a driver which needs, say, some
> i/o ports and an interrupt, it will automatically be allowed to use
> everything?  That doesn't sound like a very good idea...  I hope that
> the idea then is to make those hardware drivers as simple as possible,
> so the actual "meat" of the driver (which contains policy) can be
> written by a mortal user (who must of course has access to the device file)?

With current PC hardware it's impossible to prevent drivers from
overwriting arbitrary memory by programming  wrong addresses in DMA 
controllers etc. So you basically have to trust most drivers to behave. 
Wrongly programmed PCI chips can also cause the entire PCI bus to fail taking 
the system down. This is mainly a problem for drivers controling devices
which are directly accessible by the CPU. For message based buses like
USB and 1394 protection looks more feasible.

Cheers,

Peter (p2).

Attachment: signature.asc
Description: Digital signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]