Drivers

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

alexei
Posts: 137
Joined: Wed Oct 19, 2005 5:29 pm

Drivers

Post by alexei »

It may very well belong to off-topic forum. If yes, please move :)
Anyway, there is an interesting concept of "rumpkernel", see https://en.wikipedia.org/wiki/Anykernel.
Taking in account compatibility issues and some desire to support 3rd party drivers from different versions of WIndows, it may be reasonable to think about creation of some similar infrastructure in ROS.
Remember "Thinstall" https://en.wikipedia.org/wiki/Thinstall? The applications were linked to a "fake" system DLLs. I'm talking about similar functionality for drivers. In addition to better stability and compatibility such approach may be used to correct issues with "misbihaving" drivers. BTW, would SXS do the trick?
PurpleGurl
Posts: 1790
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: Drivers

Post by PurpleGurl »

I've had similar ideas about a driver compatibility layer to make up the differences for certain older drivers. Like what do you do if all you have are 95 drivers for something?
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Drivers

Post by Z98 »

Outside the scope of this project and generally a really bad idea. Having to reconcile different types of kernel resources imposes significant complexity and overhead and as often as not you end up making yet another type in the process, inventing yet another API that someone might end up writing against that is then incompatible with anything else.
PurpleGurl
Posts: 1790
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: Drivers

Post by PurpleGurl »

I agree with Z98 here. If someone wanted to use 9x, 3.x, or whatever other drivers, it would be better if there was a program to automatically convert them. The Termite project or similar might be a better approach than trying to make the OS more agnostic to the version variations.
alexei
Posts: 137
Joined: Wed Oct 19, 2005 5:29 pm

Re: Drivers

Post by alexei »

"driver compatibility" is only one goal, but more important is security and stability.
Currently WIndows (and ROS) users are not protected against drivers that may have back doors and any other undesirable functionality in them. I'm talking about 3rd party closed-source drivers.
However, it seems security is not a major consern for both MS and ROS :(
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Drivers

Post by Z98 »

That is an inane claim. If you're running a kernel driver, there's nothing you can do to protect yourself from it abusing its authority since it's running in kernel mode, which gives it access to everything. If you were truly concerned about the validity of code that you execute, you would not run anything that you have not personally verified by looking at the code. Since that's pretty much impossible in this day and age even before we get to the operating system level and you're still using a computer, then you've demonstrated that you don't really care about the issue either.
Jessey
Posts: 31
Joined: Sun Oct 28, 2012 7:20 pm

Re: Drivers

Post by Jessey »

sounds like a neet side project, but it sounds like it would make reactos more bloated.
Webunny
Posts: 1201
Joined: Sat Apr 28, 2012 1:30 pm

Re: Drivers

Post by Webunny »

Jessey wrote:sounds like a neet side project, but it sounds like it would make reactos more bloated.
Neet but inane, thus?

If I'm summarizing the posts...
alexei
Posts: 137
Joined: Wed Oct 19, 2005 5:29 pm

Re: Drivers

Post by alexei »

If you're running a kernel driver, there's nothing you can do to protect yourself from it abusing its authority since it's running in kernel mode, which gives it access to everything.
Of course, driver running in kernel mode (unless you impolement hypervisor-based watch) has full freedom to make any damage or spy on you. However, most likely it would not expect you tracking its calls to system APIs. I said "improve security" not "100% security".
If you were truly concerned about the validity of code that you execute, you would not run anything that you have not personally verified by looking at the code.
Personally, I don't believe "looking at the code" can guarantee it's safe, especially when the code is huge. Running it in restricted execution environment provided by VM is simpler and more secure.

If MS really care about security, each driver would run in a separate VM, etc.
Didn't you notice, as soon as most of the security holes are closed, MS switchis to the new version opening numerous new ones?
Don't you think 2003 would be much more secure if MS spend resouces on securing it instead of developing 2008 and 2012.
10 years would be enough, right?
Preference to performance over security is just insane.
User avatar
EmuandCo
Developer
Posts: 4723
Joined: Sun Nov 28, 2004 7:52 pm
Location: Germany, Bavaria, Steinfeld
Contact:

Re: Drivers

Post by EmuandCo »

Running each driver in a VM is insane. This is not just slow, it is the worst resource Eater I heard of
ReactOS is still in alpha stage, meaning it is not feature-complete and is recommended only for evaluation and testing purposes.

If my post/reply offends or insults you, be sure that you know what sarcasm is...
Z98
Release Engineer
Posts: 3379
Joined: Tue May 02, 2006 8:16 pm
Contact:

Re: Drivers

Post by Z98 »

The market has pretty much made clear that it is not willing to pay for the overhead of properly secure software. As a company, Microsoft needs to make money so it produces software that the market is willing to pay for at a cost the market is willing to bear.

As far as I am aware of, there is only one kernel out there that is formally verified, and that is only the kernel, not all of the user space that needs to sit on top of it never mind the applications. As such, usage of this kernel tends to be in extremely specialized situations. So in the ~50 years of the software industry, we have one thing, that by its nature would have a driver API different from other platforms, that could be considered properly "secured." And you pay for this security by having to discard basically all of your existing software and have an extremely limited feature set. So, no, the resources that MS has thus far expended on the development of Windows is nowhere enough to get a "properly secured" system.
PurpleGurl
Posts: 1790
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: Drivers

Post by PurpleGurl »

Yes, I read about that verified kernel, and it is extremely limited. I've wondered what would happen if someone were to write a Windows-like OS to sit on top of that. I imagine it would require much more work than Wine. Someone could try to create a "fork" of ROS down the road to run on top of it. I am not sure if it would work or be worth the effort, and there is of course the problem with adding insecure code on top of it. But it would be an academic exercise.

And my comments earlier about Termite, I did discover a challenge to that approach. For simple, clearly-defined drivers, that could work, being able to take predefined profiles and automated hacking to translate drivers to another platform. Such drivers could be considered "fair use" in that humans don't see the code and it is only "translating" the code to work under another OS. However, just capturing the input and output, doing some static analysis, and using device, class, and OS profiles won't always be enough. For instance, what about proprietary compression schemes, codecs and the like? Just studying the I/O, doing static analysis, and so on won't let you recreate such things. So if the driver works at all, the device won't have full capabilities. So sound cards, network cards, modems, and video cards might not always work fully or correctly on a machine-written driver. Now, if it wrote a tentative driver for you in C or C++, then humans might have better luck filling in what is missing.
Webunny
Posts: 1201
Joined: Sat Apr 28, 2012 1:30 pm

Re: Drivers

Post by Webunny »

Z98 wrote:The market has pretty much made clear that it is not willing to pay for the overhead of properly secure software. As a company, Microsoft needs to make money so it produces software that the market is willing to pay for at a cost the market is willing to bear.
Luckily, we don't have such a requirement! An opportunity for ROS, thus! Let's fill that niche!!j/k, j/k!

PurpleGurl wrote:Yes, I read about that verified kernel, and it is extremely limited. I've wondered what would happen if someone were to write a Windows-like OS to sit on top of that. I imagine it would require much more work than Wine. Someone could try to create a "fork" of ROS down the road to run on top of it. I am not sure if it would work or be worth the effort, and there is of course the problem with adding insecure code on top of it. But it would be an academic exercise.

And my comments earlier about Termite, I did discover a challenge to that approach. For simple, clearly-defined drivers, that could work, being able to take predefined profiles and automated hacking to translate drivers to another platform. Such drivers could be considered "fair use" in that humans don't see the code and it is only "translating" the code to work under another OS. However, just capturing the input and output, doing some static analysis, and using device, class, and OS profiles won't always be enough. For instance, what about proprietary compression schemes, codecs and the like? Just studying the I/O, doing static analysis, and so on won't let you recreate such things. So if the driver works at all, the device won't have full capabilities. So sound cards, network cards, modems, and video cards might not always work fully or correctly on a machine-written driver. Now, if it wrote a tentative driver for you in C or C++, then humans might have better luck filling in what is missing.
If we are all talking about the same kernel (and as far as I'm aware, there is, indeed, only one. Well... maybe two, since I seem to remember the ESA used also a verified kernel for some of their stuff), then it's extremely unlikely that it would do any good for ROS. To make ROS work 'on top' of that (and then you're security would diminish anyhow, until all that is verified too) the re-work would be gigantic. It would be better to start from scratch, me thinks. Main reason being that that verified kernel is a microkernel, while ROS' kernel is monolithic, just like Windows'.
User avatar
ImperialSpectre
Posts: 57
Joined: Mon Dec 24, 2012 7:59 pm
Location: England, UK

Re: Drivers

Post by ImperialSpectre »

Webunny wrote:
Z98 wrote:The market has pretty much made clear that it is not willing to pay for the overhead of properly secure software. As a company, Microsoft needs to make money so it produces software that the market is willing to pay for at a cost the market is willing to bear.
Luckily, we don't have such a requirement! An opportunity for ROS, thus! Let's fill that niche!!j/k, j/k!

PurpleGurl wrote:Yes, I read about that verified kernel, and it is extremely limited. I've wondered what would happen if someone were to write a Windows-like OS to sit on top of that. I imagine it would require much more work than Wine. Someone could try to create a "fork" of ROS down the road to run on top of it. I am not sure if it would work or be worth the effort, and there is of course the problem with adding insecure code on top of it. But it would be an academic exercise.

And my comments earlier about Termite, I did discover a challenge to that approach. For simple, clearly-defined drivers, that could work, being able to take predefined profiles and automated hacking to translate drivers to another platform. Such drivers could be considered "fair use" in that humans don't see the code and it is only "translating" the code to work under another OS. However, just capturing the input and output, doing some static analysis, and using device, class, and OS profiles won't always be enough. For instance, what about proprietary compression schemes, codecs and the like? Just studying the I/O, doing static analysis, and so on won't let you recreate such things. So if the driver works at all, the device won't have full capabilities. So sound cards, network cards, modems, and video cards might not always work fully or correctly on a machine-written driver. Now, if it wrote a tentative driver for you in C or C++, then humans might have better luck filling in what is missing.
If we are all talking about the same kernel (and as far as I'm aware, there is, indeed, only one. Well... maybe two, since I seem to remember the ESA used also a verified kernel for some of their stuff), then it's extremely unlikely that it would do any good for ROS. To make ROS work 'on top' of that (and then you're security would diminish anyhow, until all that is verified too) the re-work would be gigantic. It would be better to start from scratch, me thinks. Main reason being that that verified kernel is a microkernel, while ROS' kernel is monolithic, just like Windows'.
Dating from Windows 9x & before is classed as part of the monolithic kernel - however Windows XP & beyond is a Hybrid kernel according to http://en.wikipedia.org/wiki/Microsoft_Windows - please check your sources next time.....
ReactOS is still in alpha stage, meaning it is not feature-complete and is recommended only for evaluation and testing purposes
Webunny
Posts: 1201
Joined: Sat Apr 28, 2012 1:30 pm

Re: Drivers

Post by Webunny »

ImperialSpectre wrote:
Webunny wrote:
Z98 wrote:The market has pretty much made clear that it is not willing to pay for the overhead of properly secure software. As a company, Microsoft needs to make money so it produces software that the market is willing to pay for at a cost the market is willing to bear.
Luckily, we don't have such a requirement! An opportunity for ROS, thus! Let's fill that niche!!j/k, j/k!

PurpleGurl wrote:Yes, I read about that verified kernel, and it is extremely limited. I've wondered what would happen if someone were to write a Windows-like OS to sit on top of that. I imagine it would require much more work than Wine. Someone could try to create a "fork" of ROS down the road to run on top of it. I am not sure if it would work or be worth the effort, and there is of course the problem with adding insecure code on top of it. But it would be an academic exercise.

And my comments earlier about Termite, I did discover a challenge to that approach. For simple, clearly-defined drivers, that could work, being able to take predefined profiles and automated hacking to translate drivers to another platform. Such drivers could be considered "fair use" in that humans don't see the code and it is only "translating" the code to work under another OS. However, just capturing the input and output, doing some static analysis, and using device, class, and OS profiles won't always be enough. For instance, what about proprietary compression schemes, codecs and the like? Just studying the I/O, doing static analysis, and so on won't let you recreate such things. So if the driver works at all, the device won't have full capabilities. So sound cards, network cards, modems, and video cards might not always work fully or correctly on a machine-written driver. Now, if it wrote a tentative driver for you in C or C++, then humans might have better luck filling in what is missing.
If we are all talking about the same kernel (and as far as I'm aware, there is, indeed, only one. Well... maybe two, since I seem to remember the ESA used also a verified kernel for some of their stuff), then it's extremely unlikely that it would do any good for ROS. To make ROS work 'on top' of that (and then you're security would diminish anyhow, until all that is verified too) the re-work would be gigantic. It would be better to start from scratch, me thinks. Main reason being that that verified kernel is a microkernel, while ROS' kernel is monolithic, just like Windows'.
Dating from Windows 9x & before is classed as part of the monolithic kernel - however Windows XP & beyond is a Hybrid kernel according to http://en.wikipedia.org/wiki/Microsoft_Windows - please check your sources next time.....

I think it is you who should check your sources next time. If you'll go to the wikipedia for that very same 'Hybrid kernel' you'll see the following: "The "hybrid" category is controversial, due to the similarity of hybrid kernels and ordinary monolithic kernels; the term has been dismissed by Linus Torvalds as simple marketing."

I happen to agree with Linus. This 'hybrid kernel' is nothing more than marketing-talk to describe something which in essence is still a monolithic kernel.
Post Reply

Who is online

Users browsing this forum: No registered users and 45 guests