Moving Linux Kernel Drivers To User-Space? Nope.
Brought up on the Linux kernel mailing list this week was a short-lived discussion whether Linux device drivers should be moved from kernel-space to user-space in an attempt to provide "greater security and robustness" of Linux systems.
Jidong Xiao asked on Wednesday, Can we move device drivers into user-space? It's been a matter that's been brought up before in past years and he cited an earlier research paper on "Tolerating Malicious Device Drivers in Linux." Jidong's reasoning for bringing up the topic again is that, "Advantage: Since most of kernel bugs are caused by device drivers issues, moving device drivers into user space can reduce the impact of device driver bugs. From security perspective, the system can be more secure and robust if most device drivers are working in user space. Disadvantage: At least, existing techniques as well as the above paper showed a relatively high overhead."
Among those responding to this controversial topic were Greg Kroah-Hartman, who chimed in this morning.
Moving Linux device drivers to user-space (or coming up with a stable Linux API/ABI) is fun to talk about, but of course is unlikely to move forward. Greg additionally responded, "Please note, that one of the strengths of Linux is that we CAN change driver code, and we do, which makes implementations like this nice from an academic point of view, but unrealistic from a real-world point of view."
Jidong Xiao asked on Wednesday, Can we move device drivers into user-space? It's been a matter that's been brought up before in past years and he cited an earlier research paper on "Tolerating Malicious Device Drivers in Linux." Jidong's reasoning for bringing up the topic again is that, "Advantage: Since most of kernel bugs are caused by device drivers issues, moving device drivers into user space can reduce the impact of device driver bugs. From security perspective, the system can be more secure and robust if most device drivers are working in user space. Disadvantage: At least, existing techniques as well as the above paper showed a relatively high overhead."
Among those responding to this controversial topic were Greg Kroah-Hartman, who chimed in this morning.
Feel free to create patches to do so, and handle all of the userspace changes needed in order to implement this.
I think you haven't thought through the true reason we have device drivers, and why Linux isn't a microkernel...
And I'd take exception to your "advantage:" line above, I don't believe that is true at all.
Best of luck with your work,
greg k-h
Moving Linux device drivers to user-space (or coming up with a stable Linux API/ABI) is fun to talk about, but of course is unlikely to move forward. Greg additionally responded, "Please note, that one of the strengths of Linux is that we CAN change driver code, and we do, which makes implementations like this nice from an academic point of view, but unrealistic from a real-world point of view."
39 Comments