@moon.eth

RISC-V s not going to get us as far as we could go. For that we have to go all the way back to Lisp Machines (or further) to things like https://en.wikipedia.org/wiki/Tagged_architecture , where down to the CPU level, memory is tagged with the data type. This makes type safety a property of the entire architecture, simplifies garbage collector implementation, if you add a capability type, makes capability-based OS token forgery architecturally impossible, etc. Capability-based OS where applications can't request system resources at all, they have to be passed in by the OS, are another major enhancement that can't be bolted on at the application level. Systems like CloudABI or SEL4, the application can't open your OS password file, or steal data from your home directory, because it doesn't even have or know what "open file" is. it was passed in a capability to read a specific file (say, its configuration) on program launch. These OS and architecture are easier to formally verify, too.

0 reply

0 recast

0 reaction