Opened 7 years ago

Last modified 7 years ago

#749 closed defect

Map and eradicate use of kernel addresses as IDs for userspace — at Initial Version

Reported by: Jakub Jermář Owned by:
Priority: major Milestone: 0.8.0
Component: helenos/kernel/generic Version: mainline
Keywords: Cc:
Blocker for: Depends on:
See also:

Description

The kernel (still) intentionally leaks kernel addresses at various places in order to provide identifiers to userspace.

In the past it used to identify calls this way, but this behavior has been replaced by using capabilities. There are still some other uses in other contexts that this ticket aims to map and eventually eradicate.

Note that using kernel addresses as userspace IDs is bad for two reasons:

  1. leaking addresses of kernel objects represents a security risk and
  2. kernel addresses use a global namespace (unlike task-local capability handles), so this precludes some light forms of virtualisation on the namespace-level

Change History (0)

Note: See TracTickets for help on using tickets.