> Actually, UDI opens up some interesting possibilities for *increasing*
> system security in the light of untrusted drivers. The UDI APIs are
> designed so that an OS could, if it chose to, run a driver in its own
> private address space, thereby preventing core kernel corruption from
> stray pointers or deliberate misuse, in much the way user applications
> are prevented from corrupting the kernel (though not necessarily with
> the same overhead cost).
> Presumably, such an OS would provide a way to configure the level of
> trust on a per-driver (or even device) basis.
Great! Why we need to artifactually create enemy just to start war with them ?
How long this war will lasts if you'll have buggy driver for SCSI adapter to
which disk drive with swap file is connected ? Or buggy network driver for
computers without disk and swap over NFS ? How much you benefit from
"uncorruped kernel" with totaly destroyed swap ? If you have buggy driver for
essentional hardware you could not protect OS, good API or bad API.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/