[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security stuff
> It certainly seems like it would be nearly impossible to patch normal GEM
> to deal with this, but for the newer ones there shouldn't really be much
> of a problem, I think.
Most AESes (today) are allowed to access all memory. This really is the
problem.
>
> Apart from the actual calling of the OS, which must of course still be
> possible via TRAPs, there is no reason to stay in supervisor mode, AFAICS.
Agreed I cannot think of any reason either.
> There might be a need for a couple of accesses to protected memory, but most
> of the work, including reading and writing of parameters, could well be done
> from user mode, couldn't it? If it is, normal memory protection will take
> care of any attempts at tampering.
Agreed IMO all security schemes schould be kept simple. To add access restrictions
to the mmu tree yields no overhead in most modern microprocessors, provided
you use a mmutree (or TLB). All memory related security issues should be solved
using normal memory protection. Not by using any other sanity checks that
do cause overhead..
Regards
Sven