• barsoap@lemm.ee
    8 months ago

    L4. HURD never panned out, and L4 is where the microkernel research settled: memory protection, scheduling, and IPC in the kernel, the rest outside, and there are also important insights as to the APIs to do that with. In particular the IPC mechanism is opaque: the kernel doesn’t actually read the messages, which was the main innovation over Mach.

    Literally billions of devices run OKL4, seL4 systems are also in mass production. Think broadband processors, automotive, that kind of stuff.

    The kernel being watertight doesn’t mean that your system is, though: you generally don’t need kernel privileges to exfiltrate any data or generally mess around; root suffices.

    If you want to see this happening – I guess port AMDGPU to an L4?

    • acockworkorange@mander.xyz
      8 months ago

      seL4 is the world’s only hypervisor with a sound worst-case execution-time (WCET) analysis, and as such the only one that can give you actual real-time guarantees, no matter what others may be claiming. (If someone else tells you they can make such guarantees, ask them to make them in public so Gernot can call out their bullshit.)

      That bit on their FAQ is amusing.