[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Whats so difficult about ISSU

On 11/11/12, Miquel van Smoorenburg <mikevs at xs4all.net> wrote:
> Which isn't really a problem, none of the control plane stuff needs
> to run in the kernel. The only thing that needs to run in the
> kernel is the device driver(s) to talk to the forwarding plane

Yes.   But avoiding kernel mode is a consideration, even before GPL.
Perhaps GPL is just another force to discourage developers from doing what
they shouldn't be doing anyways -- which is to insert complicated code in the
kernel itself to do  application-specific things,  instead of
providing hardware interfaces
for applications.

You introduce risks if you run control plane things in kernel mode
ring0  and not separate control plane functions into user processes.
Risks that buggy code will be executed with privilege and corrupt
critical data.

Risks that a buffer overflow in the SNMP code  will crash the kernel
and cause the entire control unit to reboot.

If instead, each control function is a separate user process, running without
privilege in protected mode, then you have a larger amount of fault isolation
provided by the hardware -- restart the SNMP process automatically,
but  leave  ISISd/Bgpd  alone,  and no kernel panic...

> hardware, but if you use ethernet or infiniband for that
> communication you don't need any proprietary drivers.

> Mike.