Opened 7 years ago
Last modified 7 years ago
#749 closed defect
Map and eradicate use of kernel addresses as IDs for userspace — at Initial Version
Reported by: | Jakub Jermář | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | 0.8.0 |
Component: | helenos/kernel/generic | Version: | mainline |
Keywords: | Cc: | ||
Blocker for: | Depends on: | ||
See also: |
Description
The kernel (still) intentionally leaks kernel addresses at various places in order to provide identifiers to userspace.
In the past it used to identify calls this way, but this behavior has been replaced by using capabilities. There are still some other uses in other contexts that this ticket aims to map and eventually eradicate.
Note that using kernel addresses as userspace IDs is bad for two reasons:
- leaking addresses of kernel objects represents a security risk and
- kernel addresses use a global namespace (unlike task-local capability handles), so this precludes some light forms of virtualisation on the namespace-level
Note:
See TracTickets
for help on using tickets.