Re: gnumach RPC: get info about the calling task

From: Joan Lledó
Subject: Re: gnumach RPC: get info about the calling task
Date: Sat, 16 Oct 2021 11:37:13 +0200

On 12/10/21 at 20:32, Samuel Thibault wrote:
> Sergey Bugaev, on Tue 12 Oct 2021 16:22:48 +0300, wrote:
>> So in the case of vm_map-backed pager, it should matter whether you
>> have a task port to the target task, not whether you *are* the target
>> task. If someone has a task port to a task, it allows them to
>> completely control the task anyway (including making it invoke any
>> RPC); there's no additional security gains from checking who the
>> caller is, but there will be additional breakage.
> Yes, making the caller pass the task port should be completely enough.

Thanks for your explanations. If that's the case, then I basically have it
already. I attached a patch with the changes.

The new interface needs to know about proxies, and if one range has been mapped
using a proxy, it must return the proxy and not the original object, which
could be used to bypass the proxy protection. That's why I needed a way to
look up used proxies from a task and an address.

I implemented that using a hash, like I did in my previous dev_pager patch.
That seems OK and it works, but the only way I found to remove proxies from the
hash once they are not needed is to look up a proxy every time vm_deallocate
is called. I don't like that, since proxies are rarely used, so rarely (if ever)
will a range being unmapped be present in the hash.


