Opening up the Kernel to 3rd Parties
Herbert Bos
For safety reasons, most modern operating systems allow only users
with the highest privileges ('root users') to program the kernel
directly. However, there exist many application areas (e.g. in
network packet processing) where 3rd party code would benefit from the
ability to execute below the kernel boundary. In the Open Kernel
Environment (OKE), we allow any party with the appropriate credentials
to load fully optimised native code in a safe manner in the heart of
the Linux kernel. Depending on the credentials, the code will get more
or less access to resources, such as CPU time, heap, stack, APIs,
etc. The restrictions are enforced by a trusted compiler. In other
words, the OKE offers a safe and flexible environment for programming
the kernel. In this talk, I will give an overview of the OKE, and of
the mechanisms that were used to restrict the modules.