peter@sugar.UUCP (Peter da Silva) (12/18/87)
I tried to mail this, but umich.edu (a notorious mail-trasher) denied all
knowledge of umich.edu.steelpotatonet. I'm not surprised. If I was them I'd
deny knowledge of such a host. I didn't include it in my path, so they must
have consed it up themselves (nobody else would... right?). Don't you just
love creative mail rerouters?

----------
To: pla%eecs.umich.edu%umich%eecs.umich.edu%umich%umix.uucp@zippy.eecs.umich.edu
Subject: Re: The Next Generation

> I finally realized why we don't agree on much - we
> are talking about different issues. You have been
> talking about protected memory, and the advantages
> thereof, whereas I've been talking about something
> I am calling "interprocess protection".

Wrongo, laser lips :->.

Seriously... we are talking about the same thing. The difference is that you
are looking to eliminate the problem altogether. I'm just interested in
cutting it down as far as possible without destroying the existing software.
The protected memory I was talking about wouldn't protect a task against
itself... just against other tasks. I can't imagine what sort of protected
memory you think I'm talking about.

> However, this thing I call "interprocess protection" is
> kind of a superset of protected memory. You experience
> interprocess protection every time you get a core dump
> on your Unix box, or I get an addressing exception on
> my Apollo box, *and the system, and all other unrelated
> processes keep running*.

Often when I get a minor error under AmigaDOS my "task held" requestor pops
up and I can keep on running. With protected memory, I'd be in that position
more often. With protected memory and some enhancements to Intuition to
reject obviously bogus calls (opening a window with CUSTOMSCREEN set but NULL
in the Screen element, for example) Gurus would all but vanish.
It will never be as secure as Apollo's OS or UNIX, but that's the nature of
making a poor design decision early in the game (making too much of AmigaDOS
dependent on direct access to tasks). It *will* be more secure than it is now.

> If the Amiga is expanded to include protected, virtual
> memory, it will obviously not have interprocess
> protection. Memory locations that are in protected
> areas will absolutely be safe (provided the kernel
> doesn't barf), but the task using that memory may
> not be, since it is forced to rely on public memory
> structures to communicate with essential services,
> such as keyboard and mouse input, and screen output,
> not to mention the filesystem.

But most diddling in chip memory is done by Intuition. Most of the gurus you
get there are due to passing garbage to =RJ= and Dale. They really should be
more careful about accepting hot memory addresses. Get you into WAY more
trouble than hot checks...

> I agree that modifying existing code to remove
> dependencies on public memory is a pain, but
> in that case, I feel it is a waste, primarily
> since applications that are likely able to
> use large virtual address spaces (protected,
> of course) are also more likely to benefit
> greatly from interprocess protection. We
> don't need complex systems, and the more
> modularity we can get, in terms of reduced
> interaction between processes, that we can get,
> the better.

Sort of agree. Complexity is not cool. On the other hand, any task can
benefit from some protection. It would have to be combined with the addition
of a whole bunch of calls to get to certain data structures (such as the
device list) safely.

> I just don't think the addition of an MMU without
> the addition of software besides a Unix with
> a bridgecard-style interface is worthwhile.

And I think it is. If it saves my recoverable RAM disk from a Guru just once
it's done its job.

> You may disagree, and others as well, but many
> folks that want VM want it for the interprocess
> protection that it can provide, as well as the
> paging and protected memory capabilities.

That's the main reason I want it too. I just don't expect perfection out of
proprietary operating systems [edited from a much more colorful expression in
the original letter]. This is an excellent one, but it's certainly not UNIX.

> By the way, I looked through all my OS texts, and
> although they do mention protected memory in
> many glorious forms, they don't refer to anything
> specifically called "interprocess protection". If
> you have a better name for it, feel free, but that
> was the best I could do. Sorry for any confusion
> it may have caused.

No confusion. At least not down heeyar.
--
-- Peter da Silva `-_-' ...!hoptoad!academ!uhnix1!sugar!peter
-- Disclaimer: These U aren't mere opinions... these are *values*.