• 0 Posts
  • 2 Comments
Joined 4 months ago
Cake day: July 8th, 2024

  • Secure Boot and DMA are two different and AFAIK unrelated things. Secure Boot primarily exists to ensure that only trusted OS kernels are run on a particular device. Otherwise someone could just boot their own OS installation from wherever and then have it access your storage and other devices and thus compromise your machine. I am not entirely sure how it works, but I think it uses cryptographic signatures for kernels and drivers that aren’t built into a kernel. I know that on Linux with Secure Boot on, if you want to use certain dynamically loaded drivers, then they have to be signed. I prefer not to deal with all that, so I just disable it in the firmware because no cyber criminal has physical access to my PC anyway.

    DMA is just a way to get data from peripherals without CPU intervention. Without DMA, every time a peripheral wanted to send your machine data it would have to trigger an interrupt (or be polled continuously), which the OS would catch and then read the data from the device. This isn’t really super practical with modern hardware, hence DMA allows peripheral devices to write directly to the system’s main memory without the CPU (or the OS that runs on it) being involved at all. Then the kernel can read that data from memory whenever it sees fit to do so.
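The comment above notes that Linux with Secure Boot on requires dynamically loaded drivers to be signed. As an added example (not part of the comment), this sketch reads the signature trailer the Linux kernel expects at the end of a signed module file and reports whether one is present. It assumes an uncompressed `.ko` image, uses constructed sample bytes, and checks structure only, not whether the signature verifies against a trusted key.

```python
import struct

MAGIC = b"~Module signature appended~\n"  # marker at the very end of a signed module
TRAILER = struct.Struct(">BBBBB3xI")      # kernel's struct module_signature (12 bytes)
PKEY_ID_PKCS7 = 2                         # id_type used by current kernels

def parse_module_signature(blob: bytes):
    """Return trailer fields for a signed module image, or None if unsigned."""
    if not blob.endswith(MAGIC):
        return None
    body = blob[:-len(MAGIC)]
    if len(body) < TRAILER.size:
        raise ValueError("truncated signature trailer")
    sig_end = len(body) - TRAILER.size
    algo, hash_, id_type, signer_len, key_id_len, sig_len = TRAILER.unpack(body[sig_end:])
    if sig_len > sig_end:
        raise ValueError("sig_len exceeds file size")
    return {
        "id_type": id_type,
        "is_pkcs7": id_type == PKEY_ID_PKCS7,
        "sig_len": sig_len,
        "module_len": sig_end - sig_len,  # bytes the signature covers
    }

def constructed_sample(signed: bool) -> bytes:
    """Constructed test input: a 64-byte stand-in module, optionally 'signed'."""
    module = b"\x7fELF" + b"\x00" * 60
    if not signed:
        return module
    fake_sig = b"\x30\x82" + b"\xaa" * 30  # placeholder bytes, not a real PKCS#7 blob
    trailer = TRAILER.pack(0, 0, PKEY_ID_PKCS7, 0, 0, len(fake_sig))
    return module + fake_sig + trailer + MAGIC

if __name__ == "__main__":
    import sys
    # Usage: python check_modsig.py /path/to/module.ko [...]
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            print(path, parse_module_signature(f.read()))
```

Modules shipped compressed (`.ko.xz`, `.ko.zst`) need decompressing first, since the trailer sits inside the compressed stream.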


  • By contrast, Windows is a microkernel. It only creates an API layer for the hardware vendor to write a driver that interfaces with Windows.

    NT is a hybrid kernel that is nearly monolithic.

    Also, you don’t seem to understand what the difference between a microkernel and a monolithic kernel is. The defining difference is what mode and address space drivers and non-core kernel subsystems run in. If they run in the higher half in a privileged CPU mode like the base kernel, then you have a monolithic kernel. If they run in userspace as one or more programs, then you have a microkernel. If some run in kernel space and others run in userspace, you have a hybrid kernel. And if your kernel exposes hardware interfaces directly to application programs, providing only protection and multiplexing of them between programs, and shared libraries are used to interact with those interfaces, then you have an exokernel. If the kernel mimics the underlying hardware to each program running on top of it and lets them think they’re running on the hardware directly, then you don’t have a kernel at all; you have a type II hypervisor.