User Memory Allocator Security Issue #1266

Open
patacongo opened this issue Jun 17, 2020 · 0 comments
Labels: enhancement (New feature or request), Security (Security of OS in secure modes)

Comments

@patacongo
Contributor

In the current design, the kernel code calls into the user-space allocators to allocate user-space memory. It is a security risk to call into user-space in kernel-mode because that could be exploited to gain control of the system. That could be fixed by dropping to user mode before trapping into the memory allocators; the memory allocators would then need to trap in order to return (this is already done to return from signal handlers; that logic could be renamed more generally and just used for a generic return trap).

Another place where the system calls into the user code in kernel mode is work_usrstart() to start the user work queue. That is another security hole that should be plugged.

@patacongo added the Security (Security of OS in secure modes) and enhancement (New feature or request) labels on Jun 19, 2020