[coyotos-dev] Moving to one address space

Jonathan S. Shapiro shap at eros-os.com
Thu Mar 22 13:30:46 CDT 2007


We have just made a decision to move to a single address space for
Coyotos. Under this revision, pages and cappages may both be "validly"
mapped in the user address space. Care is taken to ensure that no data
load/store will ever reference a capability page and vice versa.

The intended implementation is that the kernel will construct
translations for capability pages, but will leave the leaf-level
hardware valid bit CLEAR (meaning invalid) for these pages. A
software-defined bit will be used to indicate that the page is
capability valid.

When a process references a capability via a capitem_t in an invocation,
the kernel will hand-walk the hardware tables to find the relevant PTE,
and map it into a temporary mapping window with the supervisor bit
turned on in order to ensure that the application does not gain access
as a consequence of the temporary mapping.

This reduces the number of mapping tables we need to build, simplifies
the fault handling logic and the design, and significantly reduces the
number of GPTs required for typical processes.


shap
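The scheme described in the message above, as an added user-space model in C; this is not part of the original post and not Coyotos source. It assumes an IA-32-style 32-bit PTE with a 10/10/12 two-level walk, and the choice of software bit 9 and all function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef uint32_t pte_t;
/* Assumed IA-32-style layout; the post does not name bit positions. */
#define PTE_HW_VALID 0x001u      /* hardware valid (present) bit */
#define PTE_USER     0x004u      /* clear = supervisor-only */
#define PTE_SW_CAP   0x200u      /* software-defined: "capability valid" */
#define PTE_FRAME    0xFFFFF000u

/* Capability page: translation is recorded, hardware valid bit left CLEAR. */
pte_t make_cap_pte(uint32_t frame)  { return (frame & PTE_FRAME) | PTE_SW_CAP; }
/* Ordinary data page: hardware valid and user accessible. */
pte_t make_data_pte(uint32_t frame) { return (frame & PTE_FRAME) | PTE_HW_VALID | PTE_USER; }

/* What the MMU decides for a user-mode data load/store through this PTE. */
int user_access_ok(pte_t pte) { return (pte & PTE_HW_VALID) && (pte & PTE_USER); }

/* Software ("hand") walk; the directory is modeled as an array of table pointers. */
pte_t *walk(pte_t *const *dir, uint32_t va) {
    pte_t *table = dir[va >> 22];
    return table ? &table[(va >> 12) & 0x3FFu] : NULL;
}

/* Resolve a capability reference at va. Returns the PTE to install in the
 * kernel's temporary window (valid, supervisor-only), or 0 to refuse. */
pte_t cap_window_pte(pte_t *const *dir, uint32_t va) {
    pte_t *leaf = walk(dir, va);
    if (leaf == NULL)
        return 0;                                /* no translation at all */
    /* Only capability-valid, hardware-invalid entries qualify, so a data
     * page can never be reached through the capability path. */
    if (!(*leaf & PTE_SW_CAP) || (*leaf & PTE_HW_VALID))
        return 0;
    return (*leaf & PTE_FRAME) | PTE_HW_VALID;   /* PTE_USER stays clear */
}

int main(void) {
    static pte_t table[1024];
    static pte_t *dir[1024];
    dir[1] = table;                              /* constructed sample mappings */
    table[1] = make_cap_pte(0x00ABC000u);        /* va 0x00401000: cappage */
    table[2] = make_data_pte(0x00DEF000u);       /* va 0x00402000: data page */
    printf("user load/store on cappage allowed: %d\n", user_access_ok(table[1]));
    printf("window PTE for cappage: 0x%08x\n", (unsigned)cap_window_pte(dir, 0x00401000u));
    printf("window PTE for data page: 0x%08x\n", (unsigned)cap_window_pte(dir, 0x00402000u));
    return 0;
}
```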


