Memory Protection AGAIN

[bloodline]

AeroMan wrote:
Thanks for the explanation Bloodline,

One more question:


Would it be possible to treat memory under three different areas like this:

 1) System (system structures and stuff that wasn't previously allocated) - memory has no protection and everyone can see and modify it.

BANG! You are no longer memory protected... any rogue task can take the sysetm down.

Also pretty much the entire OS would need to be shared... what kind of weird OS protects it's tasks and not the OS :lol: ;-)

 2) Code (all of it...) - only system can play around with that. Let's sacrifice self modifyable code.

That's a good one, I think OS4 does this... but without full memory protection, one naughty task and the whole system integrity is gone... BANG! No more memory protecction!

 3) Data (all allocated memory) - only tasks and sub tasks may modify it.

The Tasks don't provide enough info to the OS for it to know what needs to be shared and what doesn't... it would all have to be shared... BANG! No more memory protecction!

It is not perfect, but maybe it can improve a little bit the situation. ;-)

A little protection is more dangourus than no protection... it might hide a more serious problem with your program!!! :-(

[bloodline]

shoggoth wrote:
In FreeMiNT (ok, I'm from the other side of the fence, sorry), it's possible to specify the level of protection for each process through dedicated flags in the program header. In practice, this means that you can flag two apps as belonging to "global" memory, causing them to share the same address space. These two applications can then access eachothers memory freely. (Ok, it's not considered perfectly clean, but it provides some degree of compatibility for older applications). Well behaved applications can run as "private", and their memory can't be touched nor can they touch other memory belonging to other processes.

Couldn't this approach be used in AmigaOS as well?

It's easy to put Memory Protection into AmigaOS... but it will break all exisiting apps since they do not tell the OS that that want to share data...

What you seem to be sugesting is sandboxing the old apps... this is indeed the only way to add MP :-)

[bloodline]

Einstein wrote:

biggun wrote:
My 2 cents,

* Memory protection is nearly impossible to implement under the idea of AMIGA OS.

So apple fans don't regard MacOSX as Mac(OS) ?

Actually I'm a bit of an Apple fan... and I don't consider anything pre MacOSX to be MacOS :-D :lol: But then I've only ever really used and owned OSX based Macs.


Biggun has a point though, as soon as we add MP, we essentially have a new operating system... in much the same way as OSX isn't the same OS as System x.x

If we want MP, we will need to sandbox all the old apps... in the same way Apple sandboxed Classic apps in OSX :-)

* That AMIGA OS does not require memory protection gives it a VERY BIG speed boost.

What is the performance boost useful for when you will *not* use it for anything meaninful when slightest bug in any running task can destroy, say, the CD/DVD I was burning. Now it's (the CD/DVD) just useless and intended for the garbage can, and I'm now loading XP to do it the *safe* way, sheesh!

Yeah, trouble is I agree with both of you here! :crazy:

* I would like to point out that there are other ways to stabilize a system. 99% of crashed come from bad pointer arithmetic. You can try to reduce the harm cause by the bad pointer by enforcing memory protection (for a high cost) or you can use coding styles which will not cause this problem in the first place. A would like to point out that the Amiga Oberon programs did NEVER crash!

It's like saying we don't need Police Departments, only if people behave than we could rid of'em have gain an economic boost, but unfortunately this is not reality.

[/quote]

Actually I'm actinated by Managed code systems... but it's not an option for AmigaOS, unless you band the use of C/C++/ASM/E/Etc...

I agree that this topic has nothing to do with the Coldfire.
And that for continues discussion opening another thread makes good sense.

Well, claims need to be answered, on spot, sorry about that.

Well lets keep all replies in this thread now :-)

[Einstein]

bloodline wrote:

Actually I'm a bit of an Apple fan... and I don't consider anything pre MacOSX to be MacOS :-D :lol: But then I've only ever really used and owned OSX based Macs.


Biggun has a point though, as soon as we add MP, we essentially have a new operating system... in much the same way as OSX isn't the same OS as System x.x

But users don't dwell in the OS internals

If we want MP, we will need to sandbox all the old apps... in the same way Apple sandboxed Classic apps in OSX :-)

I agree, it's the only way to remain truely compatible while freeing the OS from stone age technology.

* That AMIGA OS does not require memory protection gives it a VERY BIG speed boost.

What is the performance boost useful for when you will *not* use it for anything meaninful when slightest bug in any running task can destroy, say, the CD/DVD I was burning. Now it's (the CD/DVD) just useless and intended for the garbage can, and I'm now loading XP to do it the *safe* way, sheesh!

Yeah, trouble is I agree with both of you here! :crazy:

Well one either trades off safety or speed, I do the latter since I'm perfectly sane :-P

Well lets keep all replies in this thread now :-)

Sure thing

[bloodline]

Einstein wrote:

bloodline wrote:

Actually I'm a bit of an Apple fan... and I don't consider anything pre MacOSX to be MacOS :-D :lol: But then I've only ever really used and owned OSX based Macs.


Biggun has a point though, as soon as we add MP, we essentially have a new operating system... in much the same way as OSX isn't the same OS as System x.x

But users don't dwell in the OS internals

AmigaOS users do... it's all we have left! :-D

If we want MP, we will need to sandbox all the old apps... in the same way Apple sandboxed Classic apps in OSX :-)

I agree, it's the only way to remain truely compatible while freeing the OS from stone age technology.

Bring on AROS 2.0!! :lol:

* That AMIGA OS does not require memory protection gives it a VERY BIG speed boost.

What is the performance boost useful for when you will *not* use it for anything meaninful when slightest bug in any running task can destroy, say, the CD/DVD I was burning. Now it's (the CD/DVD) just useless and intended for the garbage can, and I'm now loading XP to do it the *safe* way, sheesh!

Yeah, trouble is I agree with both of you here! :crazy:

Well one either trades off safety or speed, I do the latter since I'm perfectly sane :-P

Well, the lack of MP (or rather AmigaOS's weird modular everything in user space kernel-type-thing) is probably the only real difference between AOS and all other OSs...

AmigaOS is a wierd beast, it's not quite one thing or the other... :-)

Well lets keep all replies in this thread now :-)

Sure thing

Woohoo! ~7800 posts and finally, my own thread :-)

[Einstein]

bloodline wrote:

AmigaOS users do... it's all we have left! :-D

It's sad the day *users* start making out with the corpse :violin:

Woohoo! ~7800 posts and finally, my own thread :-)

I knew deep down I was a kind soul :-P

[shoggoth]

bloodline wrote:

shoggoth wrote:
Couldn't this approach be used in AmigaOS as well?

It's easy to put Memory Protection into AmigaOS... but it will break all exisiting apps since they do not tell the OS that that want to share data...

What you seem to be sugesting is sandboxing the old apps... this is indeed the only way to add MP :-)

Maybe I'm completely lost, but let's say there is a default state for legacy applications, identical to what I referred to as "global" in my previous post. Any application that hasn't explicitly declared itself as being memory protection aware will run in this mode. An extra hunk in the binary format could declare the protection mode for each segment. The OS treats such binaries differently compared to legacy binaries. The result is protection for "modern" apps, while keeping compatibility (and risks) with older apps.

(note - I haven't exactly fooled around with kernel design, so take this as food for debate rather than proper argumentation)

[bloodline]

shoggoth wrote:

bloodline wrote:

shoggoth wrote:
Couldn't this approach be used in AmigaOS as well?

It's easy to put Memory Protection into AmigaOS... but it will break all exisiting apps since they do not tell the OS that that want to share data...

What you seem to be sugesting is sandboxing the old apps... this is indeed the only way to add MP :-)

Maybe I'm completely lost, but let's say there is a default state for legacy applications, identical to what I referred to as "global" in my previous post. Any application that hasn't explicitly declared itself as being memory protection aware will run in this mode. An extra hunk in the binary format could declare the protection mode for each segment. The OS treats such binaries differently compared to legacy binaries. The result is protection for "modern" apps, while keeping compatibility (and risks) with older apps.

(note - I haven't exactly fooled around with kernel design, so take this as food for debate rather than proper argumentation)

Yes, that's right. This is almost exactly as apple did it... The OS detects via the file header that the app predated MP and then that app is loaded into a sandbox environment that has no Memory protection... in AROS this is how one could use an integrated UAE :-)

But this thread isn't about how to build a sandbox, it is about ideas to retrofit MP into AmigaOS and why it isn't really possible :-)

[shoggoth]

bloodline wrote:
But this thread isn't about how to build a sandbox, it is about ideas to retrofit MP into AmigaOS and why it isn't really possible :-)

Ah, sorry, my bad. I thought it was about memory protection in an AmigaOS-like environment

[bloodline]

shoggoth wrote:

bloodline wrote:
But this thread isn't about how to build a sandbox, it is about ideas to retrofit MP into AmigaOS and why it isn't really possible :-)

Ah, sorry, my bad. I thought it was about memory protection in an AmigaOS-like environment

Well, I suppose it is really... But, there is nothing really to debate on the "Sandbox" issue... :-D

What is interesting is to give people a greater insight into how AmigaOS works at a fundamental level, it's a facinating topic, and one that I really enjoy thinking about... AmigaOS is the last of it's kind... a living fossil, if more people studied it they would have a better idea of operating system design, for sure!

[adonay]

@bloodline whats up with the extreme doubble posting always "the higher the multiplyer the better" ? Surely you must know how to use edit ? Does not make sense to me ? :lol:

[bloodline]

adonay wrote:
@bloodline whats up with the extreme doubble posting always "the higher the multiplyer the better" ? Surely you must know how to use edit ? Does not make sense to me ? :lol:

I'm sorry, I've not double posted... :-?

[persia]

The Amiga - coelacanth of computers!

:hat:

[Fats]

bloodline wrote:

Well, I suppose it is really... But, there is nothing really to debate on the "Sandbox" issue... :-D

Yes there is :-D:-D.
People often don't make a distinction between memory protection and virtual/private address spaces. But it are two different things.
On UNIX, Linux, Windows private address spaces are used as a mechanism to implement memory protection. That's also why a lot of people think that it is the only true way to implement MP. This is not true.
You can also have a single address space memory protected OS. IMO this is the way MP should be introduced into amiga-like OSes and I would implement it on the Memory Pool level. Per memory pool a program can decide which other programs can access this memory; old program would then just allocate memory from pools that can be read and written by all tasks. This makes also the 'sandboxing' much less intrusive then what people normally assume.

greets,
Staf.

[hardlink]

bloodline wrote:

What is interesting is to give people a greater insight into how AmigaOS works at a fundamental level, it's a facinating topic, and one that I really enjoy thinking about... AmigaOS is the last of it's kind... a living fossil, if more people studied it they would have a better idea of operating system design, for sure!

First off, adding MP to Amiga OS after the launch of the A1000 has been brainstormed and debated for over 20 years by some of the brighest people ever, starting with the original Lorraine developers themselves - and the conclusion that it would break all pervious apps has never changed. I once heard RJ Mical say at an Amiga show that's a big lesson they remembered when they designed the 3DO.

Although MP would be great, the Amiga OS single address space design is one of the things that make it the most facinating OS I've ever used, and the only one I'll devote any time whatsover to when I'm not getting paid for it. I used unix at work before the Amiga came out, and what a breath of fresh air when it did - a machine that is actually FUN, and understandable to the core without devoting a lifetime to it. I still get paid to do unix, and it has gotten even bigger and more complicated, while the Amiga has gotten more fun!

An workable approach to stability was described long ago by Dr. Peter Kittel of CBM Europe, the SAS/C guys, and others: use the tools like Enforcer & dump any badly programmed apps. But I like to be on the edge