Yeah, I know, it would be very difficult...
I've read a few papers about machine code verification and then this idea simply popped up
Jep, I meant registers like cr0 and cr3... and instructions like lidt, ltr, etc.
Quote:
The rest can basically be summed up as: data accesses by a process can only be made to preset parts of the image labeled data and can also not overflow any particular section within that region that they are writing to, and instruction flow is limited to those parts defined as methods/functions, with strictly defined rules as to how to transition between different parts of code.
Yes, that was the basic idea...
Quote:
The other issue you have to consider with the "one address space for all processes" method is that it is unrealistic on 32bit machines (the designers of Singularity admit this) as you could conceivably end up sharing 4gb between all your processes and your kernel. Long mode provides much more space, so it is feasible, but you are immediately ruling out a large proportion of the computer systems out there.
Yes, older systems would not be supported... (in my opinion, if I allowed hardware protection domains, there would not be much point in verifying machine code...)
Quote:
Typed assembly is just machine code along with a proof that the verifier can cross-check against the code itself.
This is proof carrying code, right?
Oh well, thank you very much for sharing your opinions with me! I'd really love to discuss a bit more, but I'm very tired at the moment and my head's a real mess now.
cheers
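The rules quoted above (data accesses confined to labelled data sections without overflowing them, control flow confined to function regions with fixed rules for transitions between them) can be checked statically by a small verifier. This is an added example, not code from the thread or from Singularity; the toy instruction set, the `verify_image` function and the layout format are assumptions.

```python
# Toy static verifier for a single-address-space image (constructed example).
# Instructions are tuples: ("load"/"store", addr, width), ("jmp"/"jz", target),
# ("call", target), ("ret",), ("add",).  Ranges are half-open.

DATA_OPS = {"load", "store"}      # memory accesses: must stay inside one data section
BRANCH_OPS = {"jmp", "jz"}        # branches: must stay inside the current function
CALL_OP = "call"                  # calls: may only target a function entry point
TERMINATORS = {"ret", "jmp"}      # a function may not fall off its last instruction

def verify_image(functions, data_sections, code):
    """functions: {name: (start, end)} instruction-index ranges labelled as code.
    data_sections: {name: (base, limit)} byte ranges labelled as data.
    Returns the list of violations; an empty list means the image is accepted."""
    errors = []
    entries = {start for start, _ in functions.values()}
    for fname, (start, end) in functions.items():
        for pc in range(start, end):
            op, *args = code[pc]
            if op in DATA_OPS:
                addr, width = args
                # the whole access [addr, addr+width) must fit inside a data section
                if not any(base <= addr and addr + width <= limit
                           for base, limit in data_sections.values()):
                    errors.append(f"{fname}@{pc}: {op} {addr:#x}+{width} outside data")
            elif op in BRANCH_OPS:
                (target,) = args
                if not start <= target < end:
                    errors.append(f"{fname}@{pc}: branch to {target} leaves function")
            elif op == CALL_OP:
                (target,) = args
                if target not in entries:
                    errors.append(f"{fname}@{pc}: call to {target} is not a function entry")
        if code[end - 1][0] not in TERMINATORS:
            errors.append(f"{fname}: falls through at {end - 1}")
    return errors

# Constructed sample image: two functions and one 16-byte data section.
LAYOUT_FUNCS = {"main": (0, 3), "helper": (3, 5)}
LAYOUT_DATA = {"heap": (0x1000, 0x1010)}
GOOD_CODE = [("load", 0x1000, 4), ("call", 3), ("ret",),
             ("store", 0x100C, 4), ("ret",)]
BAD_CODE = [("store", 0x100E, 4), ("jmp", 4), ("ret",),   # overflow, cross-function jump
            ("call", 4), ("add",)]                        # call into a body, fall-through

if __name__ == "__main__":
    for name, image in (("good", GOOD_CODE), ("bad", BAD_CODE)):
        print(name, verify_image(LAYOUT_FUNCS, LAYOUT_DATA, image) or "accepted")
```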