Re: kernel stack challenge

From: Sergiy Lozovsky
Date: Mon Apr 05 2004 - 18:30:07 EST


I wanted something higher level than C. Forth looks
like C to me. I wanted something with build in support
of complex structures and automatic memory management.

I see no reason to replace one C with another.

> Did you separate out the parser out into a
> user-space daemon?

I didn't. It's possible optimization, but it will not
give any good. The syntax of LISP is much simpler than
Forth (this another reason I chose LISP :-), so parser
is very small.

> >>Why do you choose LISP? Don't you want to use a
> >>language that sysadmins
> >>will actually KNOW?

At the start of the project I tried to design my own
small language (just for security system). At this
point I understood that I didn't want to settle with
anything less than universal language. The idea to
invent some language and write VM for it didn't appeal
to me. I wanted to make a security system, not a new
language. I wanted language to be as simple as
possible. LISP had the simpliest syntax from all
languages. So I found small lisp interpreter (kind of
real time - without garbage collector which stops
execution) added string and bit operations, modified
it to be placed in the kernel.

Ok, it was my marketing claim about sysadmins :-)
Sysadmins use web interface to configure polices and
don't deal with LISP at all.

LISP is for those who want to change security Models
only.

Serge.

--- Timothy Miller <miller@xxxxxxxxxxxxxx> wrote:
>
>
> Sergiy Lozovsky wrote:
> > --- Timothy Miller <miller@xxxxxxxxxxxxxx> wrote:
> >
> >>
> >>Sergiy Lozovsky wrote:
> >>
> >>
> >>>
> >>>All LISP errors are incapsulated within LISP VM.
> >>>
> >>
> >>
> >>A LISP VM is a big, giant, bloated.... *CHOKE*
> >>*COUGH* *SPUTTER*
> >>*SUFFOCATE* ... thing which SHOULD NEVER be in the
> >>kernel.
> >
> >
> > It is a smallest interpreter (of all purpose
> language)
> > I was able to find. My guess is that you refer to
> the
> > Common Lisp. it is huge and I don't use it.
>
> Did you separate out the parser out into a
> user-space daemon?
>
> Also, if you want a regular programming language
> with an extremely small
> interpreter, try Forth.
>
> Learning Forth should be at LEAST as much fun as
> learning LISP.
>
> >
> >
> >>If you want to use a more abstract language for
> >>describing kernel
> >>security policies, fine. Just don't use LISP.
> >
> >
> > Point me to ANy langage with VM around 100K.
>
> I bet a Forth interpreter would be smaller.
>
> And for something specialized like security policy,
> you could probably
> develop your own language and interpreter for it,
> and it would be
> smaller (and faster) still.
>
> >
> >
> >>The right way to do it is this:
> >>
> >>- A user space interpreter reads text-based config
> >>files and converts
> >>them into a compact, easy-to-interpret code used
> by
> >>the kernel.
> >>
> >>- A VERY TINY kernel component is fed the security
> >>policy and executes it.
> >
> >
> > it is exactly the way it is implemented. Not
> everyone
> > need to create their own security model (that VERY
> > TINY kernel component you refer to). But even for
> > those who want to modify or create their own VERY
> TINY
> > kernel component - they don't need to do that in C
> and
> > debug it in th kernel crashing it.
>
> You misunderstand. When I say "VERY TINY kernel
> component", I'm
> referring to the interpreter. Done properly, the
> pcode for the policy
> itself would be microscopic.
>
> >
> >
> >>Move as much of the processing as reasonable into
> >>user space. It's
> >>absolutely unnecessary to have the parser into the
> >>kernel, because
> >>parsing of the config files is done only when the
> >>ASCII text version
> >>changes.
> >>
> >>It's absolutely unnecessary to have something as
> >>complex as LISP to
> >>interpret it, when something simple and compact
> >>could do just as well.
> >>
> >>Why do you choose LISP? Don't you want to use a
> >>language that sysadmins
> >>will actually KNOW?
> >
> >
> > It was is) the smallest VM I know of.
>
> Forth.
>
>


__________________________________
Do you Yahoo!?
Yahoo! Small Business $15K Web Design Giveaway
http://promotions.yahoo.com/design_giveaway/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/