Begining of BareMetal

Discussions on more advanced topics such as monolithic vs micro-kernels, transactional memory models, and paging vs segmentation should go here. Use this forum to expand and improve the wiki!
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

AlexExtreme wrote:
nekros wrote:as stable as possible in ring 0. The idea behind singularity I think. :D
Have you actually read anything about how Singularity works?
I did not mean it in the sense that the OS is based on Singularity. I just thought that it was *somewhat* like it.
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
Zenith
Member
Member
Posts: 224
Joined: Tue Apr 10, 2007 4:42 pm

Post by Zenith »

nekros wrote:No, It doesn't matter if there is network services for ring 0. From a virus point of view the user can choose which one to use. I'd pick non-virus.
I still don't get it. When you say that "the user can choose," are you saying one of the following:
- That the user can set whether all the userspace programs should run in ring 0/3 (easy but inflexible)
- That the user/OS can decide which individual programs should run in ring 0/3 (complicated and unreliable)
- That the program developer decides if a program should run in ring 0/3 (downright stupid when dealing with virus developers :twisted: )

And again, I would really suggest deciding 1 ring for all the userspace programs to run in. 8)
"Sufficiently advanced stupidity is indistinguishable from malice."
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

There are types of applications, ring 0 and ring 3. A ring 0 program will not run in ring 3. All of this will be encoded into the executable. No virus will run automatically. A user would have to choose to run the virus. When a program requests a mode switch it automatically kills itself and all other processes in the current ring. A virus cannot switch modes and then run in ring 0, it would kill itself.
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
xyzzy
Member
Member
Posts: 391
Joined: Wed Jul 25, 2007 8:45 am
Libera.chat IRC: aejsmith
Location: London, UK
Contact:

Post by xyzzy »

nekros wrote:I did not mean it in the sense that the OS is based on Singularity. I just thought that it was *somewhat* like it.
Well it's not. What Singularity does can only be done with managed code, it can verify the code at start time to make sure it doesn't do anything it shouldn't.
User avatar
Solar
Member
Member
Posts: 7615
Joined: Thu Nov 16, 2006 12:01 pm
Location: Germany
Contact:

Post by Solar »

Let me introduce myself. My name is Mallory, and I want to take over your system to turn it into a spambot.

*evillaughter*
nekros wrote:There are types of applications, ring 0 and ring 3. A ring 0 program will not run in ring 3. All of this will be encoded into the executable.
Good. My program will be running in ring 0.
No virus will run automatically. A user would have to choose to run the virus.
No problemo. I could make my program look like the latest update to application X. Or I could use a buffer overflow in your web browser to have it choose to run my code.

Or I could simply attach my code to an e-mail claiming it will show you Anna Kournikova naked.

All of this has worked millions of times in the past, why should the users of your OS be any smarter?
When a program requests a mode switch it automatically kills itself and all other processes in the current ring.
Heh, fun!

That means that I could forget all about writing my code to run in ring 0, I just write it in ring 3, request a mode switch, and kill all other processes in the current ring, i.e. kill all your userspace...

</mallory>

Sorry, but this doesn't seem to be well thought-out. Or I am seriously misunderstanding things.
Every good solution is obvious once you've found it.
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

Don't worry this is just the beginning! Thanks for pointing out some of the problems, I'll be working on that today. :D

EDIT: The OS is still being thought out. It'll be a couple days until the next part and revision. :D
Last edited by nekros on Wed Mar 19, 2008 5:08 am, edited 1 time in total.
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

Maybe I'll quite with ring 3 and have internet browser run in a virtual machine...
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

Now the newer version without ring 3.

Rename to .pdf
Attachments
design.txt
(61.31 KiB) Downloaded 114 times
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

please read it.
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
ucosty
Member
Member
Posts: 271
Joined: Tue Aug 08, 2006 7:43 am
Location: Sydney, Australia

Post by ucosty »

Hi I'm mallory's twin brother colin. Actually I'm just a while(1) loop that can silently lock up your whole computer :).

On a serious note your goals are still contradictory. You have a crash proof OS where the programs are capable of doing anything to each other with impunity. What would prevent a program from just overwriting the pagetables of another program? How can you force programs to use your kernel-level provisioned protection when they will have the same privilege levels as the kernel itself?
The cake is a lie | rackbits.com
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

Ok, I forgot to take that out, not crash proof.
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
User avatar
nekros
Member
Member
Posts: 391
Joined: Wed Mar 05, 2008 9:10 pm
Contact:

Post by nekros »

I think that I'll change my design to the typical monolithic kernel with device drivers and preemptive multitasking. The reason I chose this design is because it was simple, but nobody wants an OS that is open to crashing and viruses. :D
Working On:Bootloader, RWFS Image Program
Leviathan: http://leviathanv.googlecode.com
Kernel:Working on Design Doc
Post Reply