On Thu, Dec 1, 2016 at 1:29 PM, Mark Reus <markreusva@gmail.com> wrote:

The user level resource managers can access both the kernel memory and other memory as well because they have capabilities to both. What exactly in the above quote causes the isolation of user level memory with kernel memory. I am of the notion that the kernel allocated objects are still accessible and can be modified to point to some other memory? Am I misunderstanding something?

The user level resource managers have access to the capabilities of kernel objects, but not their memory. As soon as you retype an untyped block of memory into, say, endpoint objects, you can't poke around in it. You'll get a memory protection fault. Normally you'd solve that by mapping the same memory into your address space, right? But you can't do that, because it's not a page object, and kernel objects are not allowed to overlap.

If you think about it in object oriented terms, it's like you don't even get an API to screw this up. :-)