A road named NoNameUno

Long back when I first started hacking in IBM TSO, and UNIX, I was told by one of my coworker that the only thing constant in this industry is change. And not much to surprise, I've been trying to live with it. Hence there are two digress: Not finishing the NDIS 6.0 hacks; Not finishing the UI side of the combinatorial game Hacken bush. I will have to get them latter ... For now, I'm trying to wrap my head around Mac X. If you happen to be around for long in the hacking area, you know strange thoughts come around quite often. Few months ago, I was trying to refresh the basic paging mechanism in NT. Long back in the 16bit days, we knew that executables are file mapped in NT, meaning loading of a large exe is fast. So the obvious question is for what is the backing store for an APP or for a driver. I knew that long back, NT used to have the driver binary file mapped, if I could recall. But due to online update, and other security measure the backing store for drivers is the paging file. Now the question is what if I try to load a whole lot drivers, can it make the system page file overly crowded?. In Mac (xnu), there is not a single paging file if we configured correctly. So paging files are created and merged back when not heavily loaded. When it comes to user vs. kernel protections, we know that the kernel essentials are shared mapped to user address spaces, both in Windows and Linux. Remember the 2GB, 3GB user address space, rest is kernel's property. Mac os X does not share this sharing idea that much, so kernel is in its own address space. Quite nice, since lot of xnu ideas are from Mach. But system calls, and context switching is bit heavy hence less optimized. But then processor speeds became many fold better, so it is a nice trade off two. When it comes to bitnes or arch, a natural question is when I have a CD that has the OS for both power pc(ppc) and x86, what happens at the installation time, what are forms of those binaries etc. While I've not figured out all the questions I have, Mach-O, the binary format does accomodate multi-arch representation in a single file. In other words, if I build an executable for ppc, x86, and x64, I can combine them in a single binary - called fat binary, that can be used in any of these architectures !!!