On Sunday 06 May 2007, Wink Saville wrote:
> >
> > > Thus code
> > > +executing within the ACE area can also be executed from user space or
> > > +kernel space. This is accomplished by using spin locks when executing
> > > +within the ACE area and changes to arch/x86_64/kernel/entry.S such that
> > > +when an interrupt occurs while executing code in the ACE area that code
> > > +will be completed before the interrupt is dispatched.
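Review bot: The sentence "This is accomplished by using spin locks when executing within the ACE area" leaves out how the area is mapped. If user space can take the lock, the text should say which page permissions the ACE area has for user callers and what stops a caller from modifying the code or lock state it shares with the kernel. The last clause, "that code will be completed before the interrupt is dispatched", also needs a stated bound on how long ACE code may run, since it delays interrupt delivery.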
> >
> > I don't understand how you can write to the spinlock when coming from
> > user space. If the page is writable, how do you make sure the user can't
> > write malicious code or data into it?
> 
> Trusted code should only be allowed access to the feature, at the moment
> it is enforced by requiring the applications to have root permissions to
> open the character device driver.

This is a serious problem. There is a reason why we normally do things
with system calls. Unless you can come up with a safe and reasonably clean
way for unprivileged applications to use your code, I don't see how you
expect it to get merged in the kernel.

> > Can't you put this into the vdso? Calling into the right place sounds
> > like a problem that is already solved.
> 
> Possibly, but it isn't universally available, I hope to use this technique
> on other architectures.

It should be possible to implement vdso on any architecture that is still
missing it. Not easy, but it's an established way of doing things and a lot
cleaner than making up your own linkage model.
 
        Arnd <<<
