Linked by Thom Holwerda on Wed 27th Jun 2007 18:59 UTC, submitted by John Nilsson
Microsoft The Singularity team at Microsoft has recently published a new article concerning their research OS. It is a concise introduction to the Singularity project. It summarizes research in Singularity 1.0 and highlights ongoing research for Singularity 2.0.
Permalink for comment 251257
To read all comments associated with this story, please click here.
Software based memory protection?
by ecko on Thu 28th Jun 2007 12:23 UTC
Member since:

Maybe I'm missing something but I am not understanding the design reason to use flat memory and software based isolation between processes aside from a performance standpoint. I assume system calls would be faster in a flat memory configuration due to the fact that the cpu no longer needs to switch into ring 0 in system calls. There may also be some CPU time saved by eliminating the need to convert from virtual to physical addresses.

The problem I see, and it's a major problem, is that there is nothing but the MSIL Runtime preventing me from grabbing memory anywhere I want it. The PDF even states that this is possible given a bug in the Sing# runtime. From what it looks like to me, this includes inside the kernel.

If I can write anywhere in the system without triggering hardware exceptions that is IMHO a very bad thing. At least with hardware level protection, user level programs trying to write into system level memory or going to at worst trigger exceptions and get themselves killed. Here, in theory it's possible for a user level program to patch a running kernel.

I know it's just a research project but I find it funny that Microsoft researchers put so much faith in software based protection of the ENTIRE system when they can't even write secure software to begin with. The rest of the industry is moving to MORE hardware based protections (Trusted computing chips anyone) and here we're stepping backwards.

Reply Score: 1