[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Rep:Re: Rep:Re: [f-cpu] TLB right + resume
- To: <f-cpu@seul.org>
- Subject: Rep:Re: Rep:Re: [f-cpu] TLB right + resume
- From: "Nicolas Boulay" <nicolas.boulay@ifrance.com>
- Date: Tue, 20 Aug 2002 09:05:08 GMT
- Delivered-To: archiver@seul.org
- Delivered-To: f-cpu-outgoing@seul.org
- Delivered-To: f-cpu@seul.org
- Delivery-Date: Tue, 20 Aug 2002 05:05:17 -0400
- Reply-To: f-cpu@seul.org
- Send-By: 140.94.82.18 with Mozilla/4.0 (compatible; MSIE 5.0; Windows NT; DigExt; FR 15/06/2000)
- Sender: owner-f-cpu@seul.org
-----Message d'origine-----
De: Michael Riepe <michael@stud.uni-hannover.de>
A: f-cpu@seul.org
Date: 20/08/02
Objet: Re: Rep:Re: [f-cpu] TLB right + resume
On Mon, Aug 19, 2002 at 09:11:59AM +0000, Nicolas Boulay wrote:
[...]
> >>> You can't prevent the mistake of all the future use of the F-cpu !
> Beleiving that the hardware will do all the job for you is a dream of
> progammer, but not a reality ! HW+SW are design to realise a task, the
> faster, the cheeper, the more flexible way they can. The RICS
adventure
> said to use more the SW and speed up dumb thing in the HW and do the
> clever thing in SW.
Since we're building a processor for general use, we must provide a
reasonable amount of functionality. Paging and fine-grained page level
protection *is* reasonable, IMHO.
[...]
> >>> I try to resume what we want to avoid :
> 1- give kernel page to kernel function call to access kernel page from
> user process.
> 2- execute user code in kernel mode
> 3- execute librairy call to execute excve with /bin/sh to have a shell
> access.
That's a SW problem.
>>> A compiler problem, so an abi problem. The last security problem in
case of buffer overflow.
> 4- diseable any possiblity of buffer overflow.
Dto.
>>> ??? don't understand that word.
> 5- Protect part of the kernel (driver) from it-self
That's what you need fine-grained access rights for.
>>> Do you think it's wise to protect the kernel from it-self ?
>>> What you think about the idea of tagged page that could only be used
by tagged read&write instructions (to protect data page of the kernel
and return stack write) ?
nicO
--
Michael "Tired" Riepe <Michael.Riepe@stud.uni-hannover.de>
"All I wanna do is have a little fun before I die"
*************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe f-cpu in the body. http://f-cpu.seul.org/
______________________________________________________________________________
Pour mieux recevoir vos emails, utilisez un PC plus performant !
Découvrez la nouvelle gamme DELL en exclusivité sur i (france)
http://www.ifrance.com/_reloc/signhdell
*************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe f-cpu in the body. http://f-cpu.seul.org/