l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: some other memory considerations.

From: Espen Skoglund
Subject: Re: some other memory considerations.
Date: Tue, 26 Oct 2004 17:16:22 +0200 
[Neal H Walfield]
>> Mapping memory to an other task costs kernel memory.  Therefore, it
>> can be used for a denial of service attack against the system.

> This is a potential problem which Marcus and I discussed a while
> ago.  The solution that we came up with was to use a redirector for
> all non-privileged threads which would filter out non-sanctioned
> mappings thereby eliminating this vulnerability.  That is extreme
> and induces a huge amount of overhead.  The alternative is to ignore
> it: if the kernel allows it (and mapping and granting are not
> privileged operations) then the L4 people likely do not see this as
> a serious flaw perhaps because in the next design revision they will
> add a mechanism to page kernel memory.

L4 will eventually get proper management of kernel memory.  See [1]
for an example of how this can be done.  In a (currently) experimental
API revision that I am working on I might also introduce a mechanism
that disallows mappings to be performed over certain communication
channels altogether.

        eSk


[1] A. Haeberlen, K. Elphinstone.  User-level Management of Kernel
Memory.  In Eighth Asia-Pacific Computer Systems Architecture
Conference (ACSAC'03), Aizu-Wakamatsu City, Japan, September 23-26,
2003
reply via email to
[Prev in Thread] Current Thread [Next in Thread]