Lorito bytcode security vs jittability

Allison Randal allison at parrot.org
Thu Mar 11 20:10:41 UTC 2010


On 3/11/10 7:25 PM, Peter Lobsinger wrote:
>
> So when we say something is "compiled down to Lorito" (eg: ops, pmcs,
> etc), we have access to the high-level op versions of these at
> runtime?

Yes, the high-level "virtual" ops would be stored as actual ops in both 
the bytecode and the JITed forms. This is good for more compact bytecode 
(fewer instructions) and for a faster JIT (JITed execution of large 
blocks of code, rather than individual invocation of the smaller 
low-level ops).

Now, when you get to the level of JITing entire subroutines, they may 
drop some security information about the ops within the subroutine for 
the sake of speed. It may be possible to propagate the information 
outward (so the JITed subroutine has the security properties of all the 
ops it contains, and is accepted/rejected by the sandbox based on those 
properties). Or, it may be a choice that individual applications have to 
make between speed and low-level control.

Allison


More information about the parrot-dev mailing list