Hi, On Mon, Nov 13, 2006 at 10:36:34AM +0100, Tom Bachmann wrote: > > [...] > > What if a DDL (Driver Description Language) framework could be devised > > that was easy to learn and write for? Included modern mechanisms to > > capture programming errors. Was only allowed to be linked to the device > > that it was to be operating. > > How would you expect that to work? The problem, as you stated above, is > _not_ that we cannot limit what the driver is allowed to do, but that we > have to believe it that it really needs the capabilities it asked for.
IMO the required capabalities for a driver to work can be derived from the I/O resource and device structure. So devices attached to buses are dominated by the bus drivers (which may be dominated by host drivers or bus drivers again, e.g. PCI - USB - USB device). This requires more trust into bus drivers than into drivers for the attached devices, but could help to design a trusted driver tree. Opinions? Ciao -- Christian Helmuth TU Dresden, Dept. of CS Operating Systems Group http://os.inf.tu-dresden.de/~ch12 _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
