Open vinaychandra opened 5 years ago
Thanks a lot! I'm glad that you like it.
Yes, my current plan is heap allocation, then multitasking (async/await, threads, kernel processes), and after that userspace processes (ring 3, syscalls). I updated the Roadmap accordingly.
Looking ahead, are you planning on moving to a higher-half kernel, or are you going to use a trampoline setup? What would that look like?
@Darksecond
I think a higher-half kernel is probably the easiest approach as it only needs a minimum of context switches. I'm still debating whether we should add something like kernel page-table isolation for Meltdown mitigation, but it's probably too complex.
What approach do you prefer?
I'm not totally sure yet. Currently I'm leaning towards a normal higher-half approach. Looking at other implementations of KPTI, you really only need to protect your kernel heap and stacks, as that's where the secret data lives. KPTI then can be added on top of a normal higher-half design later (as the Linux kernel did). For KPTI you need to set up a higher-half trampoline anyways, plus you need a special stack, etc. It's not so easy to do.
My feeling is that for implementing KPTI you need to do everything you need to do for a normal higher-half kernel, and extra. So I think it could be split up, normal higher-half ring 3 first, then add KPTI later perhaps.
> I'm not totally sure yet. Currently I'm leaning towards a normal higher-half approach.
Ok, seems like we're on the same page then. Let me know if you find another approach that works better.
> So I think it could be split up, normal higher-half ring 3 first, then add KPTI later perhaps.
Sounds reasonable! One possible idea is to introduce KPTI together with other security measures, such as (K)ASLR, a capability system, or protecting the kernel against denial of service attacks.
Thanks for the great information and tutorials. The current state of the project looks awesome and I'm waiting for more posts.
Currently in the roadmap, I see multitasking. That would cover most of the modern operating systems' major capabilities with the exception of user mode. Are you planning on providing an example of simple ring 3 user mode and traps?