Alternative network stack design (was: Re: Potential use case for opaque space bank: domain factored network stack

[Marcus Brinkmann]

Hi,

another approach would be to combine all the resources that a network
service needs into a single resource container, which is managed in a
way similar to space banks, but using a separate management service (a
"network bank"?) that can only be used by privileged system network
services responsible for implementing the scheduling policy (ie, it is
not general purpose).

Only in a simple scenario would these network banks be equivalent to
spacebanks.  More complex semantics would allow for example to specify
I/O bandwidth guarantees as well.

There is some hazard attached to having two "classes" of memory, but
the system could provide a service to move resources from one type of
contingent to the other according to some policy.  In a dynamically
configured system there need to be ways to rebalance contingents of
resources anyway, so that seems to be a small price to pay.

One advantage of binding resources to a certain specific use in this
way is that the resource can be delegated easily for a specific
purpose.  Consider a web browser which I want to debug or monitor, for
example using intrusion detection techniques.  If the malicious code
can hide in opaque memory, this fails.  So I have to give only
transparent spacebanks to the web browser, but then it can't use the
network anymore.  Ouch!  By bundling some opaque memory into a network
resource object, I can give the web browser network access without
giving it direct access to opaque memory resources.

Of course some of this could be implemented in a user's shell based on
the EROS spacebank and factored network stack model.  The interesting
question is if conflating resources into a bundle at the system level
allows for more optimisations or more efficient resource scheduling.
Any takers?

Thanks,
Marcus