Subject: Re: transparent filtering and bridge(4)?
To: None <thorpej@wasabisystems.com>
From: Steven M. Bellovin <smb@research.att.com>
List: current-users
Date: 03/06/2002 23:17:20
In message <20020306200959.C1364@dhcp2.wlan.shagadelic.org>, Jason R Thorpe writes:
>On Wed, Mar 06, 2002 at 11:05:54PM -0500, Steven M. Bellovin wrote:
>
> > Now that's an interesting architectural challenge.  I suspect that you 
> > can't easily do that translation from the kernel (an upcall to gcc?), 
> > but the ability to download arbitrary machine code isn't that different 
> > than LKMs are now.  I wonder if there's a way to safely and efficiently
> > have kernel processes that share a bit of address space, but not all.
>
>The BPF-to-C thing was just an experiment.  My intent was to actually
>map BPF insns to native insns/millicode directly, skipping the C step.
>
Even so, that's a lot of machine-dependent code in the kernel.  It 
doesn't really strike me as the way to go.  As I said, we already 
permit LKM; is there an incremental risk?

		--Steve Bellovin, http://www.research.att.com/~smb
		Full text of "Firewalls" book now at http://www.wilyhacker.com
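The safety argument underlying this thread, as an added example that is not part of the original message or of NetBSD's bpf code: what makes BPF acceptable in the kernel (whether interpreted or, as Jason proposes, compiled to native instructions) is that the program is validated before it ever runs, which is exactly what cannot be done for the arbitrary machine code an LKM carries. The instruction set, opcode names, scratch-memory size, and packets below are constructed for illustration and are a simplified stand-in for the real bpf_insn format and bpf_validate(); the validator rejects unknown opcodes, jumps that leave the program, scratch-memory indices out of range, and programs that do not end in a return, and the interpreter bounds-checks every packet load.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed, simplified classic-BPF-style instruction (not NetBSD's struct bpf_insn). */
enum { OP_LDH, OP_JEQ, OP_ST, OP_LDMEM, OP_RET };
struct insn { uint8_t code; uint8_t jt; uint8_t jf; uint32_t k; };

#define MEMWORDS 16      /* scratch memory words available to a program (assumed value) */
#define MAX_INSNS 256    /* assumed upper bound on program length */

/* Validate a program before it is allowed to run. Returns 1 if safe, 0 otherwise.
 * Jump offsets are unsigned and must land inside the program, so control flow is
 * forward-only and every run terminates after at most n instructions. */
int bpf_check(const struct insn *p, size_t n) {
    if (n == 0 || n > MAX_INSNS) return 0;
    for (size_t i = 0; i < n; i++) {
        switch (p[i].code) {
        case OP_JEQ:
            /* both branch targets must be strictly inside the program */
            if (i + 1 + p[i].jt >= n || i + 1 + p[i].jf >= n) return 0;
            break;
        case OP_ST:
        case OP_LDMEM:
            if (p[i].k >= MEMWORDS) return 0;   /* scratch index out of range */
            break;
        case OP_LDH:
        case OP_RET:
            break;
        default:
            return 0;                            /* unknown opcode */
        }
    }
    return p[n - 1].code == OP_RET;              /* must fall off the end into a RET */
}

/* Run a validated program over one packet; returns the accept length (0 = drop).
 * Packet loads are bounds-checked at run time: a short packet is dropped, never read past. */
uint32_t bpf_run(const struct insn *p, size_t n, const uint8_t *pkt, size_t len) {
    uint32_t A = 0, mem[MEMWORDS] = {0};
    for (size_t pc = 0; pc < n; pc++) {
        const struct insn *in = &p[pc];
        switch (in->code) {
        case OP_LDH:
            if (in->k > len || len - in->k < 2) return 0;     /* out-of-bounds load */
            A = (uint32_t)pkt[in->k] << 8 | pkt[in->k + 1];
            break;
        case OP_JEQ:   pc += (A == in->k) ? in->jt : in->jf; break;
        case OP_ST:    mem[in->k] = A; break;
        case OP_LDMEM: A = mem[in->k]; break;
        case OP_RET:   return in->k;
        }
    }
    return 0;
}

/* Check-then-run wrapper: refuses to execute anything the validator rejects. */
long filter_packet(const struct insn *p, size_t n, const uint8_t *pkt, size_t len) {
    if (!bpf_check(p, n)) return -1;
    return (long)bpf_run(p, n, pkt, len);
}

/* "accept IPv4 frames": load the Ethernet type at offset 12 and compare with 0x0800 */
const struct insn ipv4_filter[] = {
    { OP_LDH, 0, 0, 12 },
    { OP_JEQ, 0, 1, 0x0800 },   /* equal: fall through to accept; else skip one */
    { OP_RET, 0, 0, 65535 },
    { OP_RET, 0, 0, 0 },
};
#define IPV4_FILTER_LEN (sizeof ipv4_filter / sizeof ipv4_filter[0])

/* Same filter with a jump target past the end of the program: must be rejected. */
const struct insn bad_filter[] = {
    { OP_LDH, 0, 0, 12 },
    { OP_JEQ, 5, 0, 0x0800 },
    { OP_RET, 0, 0, 0 },
};
#define BAD_FILTER_LEN (sizeof bad_filter / sizeof bad_filter[0])

/* Constructed 14-byte Ethernet headers: one IPv4 (0x0800), one ARP (0x0806). */
const uint8_t pkt_ip[14]  = { 0xff,0xff,0xff,0xff,0xff,0xff, 0x00,0x11,0x22,0x33,0x44,0x55, 0x08,0x00 };
const uint8_t pkt_arp[14] = { 0xff,0xff,0xff,0xff,0xff,0xff, 0x00,0x11,0x22,0x33,0x44,0x55, 0x08,0x06 };

int main(void) {
    printf("ipv4_filter valid: %d, bad_filter valid: %d\n",
           bpf_check(ipv4_filter, IPV4_FILTER_LEN), bpf_check(bad_filter, BAD_FILTER_LEN));
    printf("ip frame -> %ld, arp frame -> %ld, truncated ip frame -> %ld\n",
           filter_packet(ipv4_filter, IPV4_FILTER_LEN, pkt_ip, sizeof pkt_ip),
           filter_packet(ipv4_filter, IPV4_FILTER_LEN, pkt_arp, sizeof pkt_arp),
           filter_packet(ipv4_filter, IPV4_FILTER_LEN, pkt_ip, 8));
    return 0;
}
```

A JIT that translates this instruction set to native code would run the same bpf_check() on its input first; the generated code inherits termination and memory safety from the validated program, whereas an LKM's machine code has no such checkable structure, which is the distinction the incremental-risk question turns on.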