comp.lang.ada
From: dmitry@elros.cbb-automation.de (Dmitry Kazakov)
Subject: Re: Ada OS Kernel features
Date: Fri, 07 Sep 2001 08:13:17 GMT
Message-ID: <3b988016.2692359@news.cis.dfn.de>
In-Reply-To: 3B977D35.B3B7581B@icn.siemens.de

On Thu, 06 Sep 2001 15:42:13 +0200, Alfred Hilscher
<Alfred.Hilscher@icn.siemens.de> wrote:

>I don't think that every driver _must_ have write access to system
>internal data. A graphic driver for example does not need to write in
>the process-table (please correct me if I'm wrong). If there are drivers
>that need to do so, they should not access these data structures
>directly, but via access procedures (which could do checks). And even if
>a driver corrupts system internal data, then hopefully they belong only
>to one process and not to the inner kernel. In this case I think it
>would be more acceptable to kill one process instead of killing the
>whole system.
>
>So if there are a few drivers where this can not be done, then do it for
>the rest. 50% failure tolerance is even better than 0%.

I believe it is a goal of new OO OS design to get rid of
all-or-nothing strategy. A driver should have access to only the
system objects it should. No more and no less. An unhandled exception
in the driver should be caught and handled by the driver's "owner". If
this handling means "to kill a process", fine.

Regards,
Dmitry Kazakov


