In the current design, the kernel code calls into the user-space allocators to allocate user-space memory. It is a security risk to call into user space in kernel mode because that could be exploited to gain control of the system. That could be fixed by dropping to user mode before trapping into the memory allocators; the memory allocators would then need to trap in order to return (this is already done to return from signal handlers; that logic could be renamed more generally and just used for a generic return trap).
Another place where the system calls into the user code in kernel mode is work_usrstart() to start the user work queue. That is another security hole that should be plugged.