Current operating systems run many drivers and, in order to achieve good performance, most of these drivers are fully trusted, i.e., they run in the operating system kernel and share the kernel's address space. However, driver bugs cause serious problems and are a major cause of unreliability in operating systems. Such bugs can result in data corruption, crashes, security breaches, etc.
A number of fault isolation techniques have been proposed which, for example, isolate drivers or other kernel extensions in separate protection domains to contain faults, or move the extensions to user-mode processes. Other techniques have been proposed which require changes to driver code or hardware. However, these known techniques are not widely used because they cannot isolate existing kernel extensions with low overhead on standard hardware.
The embodiments described below are not limited to implementations which solve any or all of the disadvantages of known fault isolation techniques.