Hi,

Any cpu that doesn't require special instructions for copyin/out
is susceptible to user processes mapping code to address 0 and
converting a kernel 'jump through unset pointer' from a panic
into a massive security hole (executing process code with the
'supervisor' bit set).

Only if you do a naive implementation of copyin/out. Nothing prevents
you from implementing copyin/out on these cpus by mapping only the
relevant part of the user address space at some reserved address
(maybe even one page at a time), doing the copying and then unmapping
the user space part. No reason to share the user address space all the
time.

Ciao,
Wolfgang
--
wolfg...@solfrank.net                           Wolfgang Solfrank
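As an added illustration of the scheme Wolfgang describes (constructed for this page, not code from the thread or from any real kernel), here is a toy C model of copyin that maps one user page at a time at a single reserved kernel window and tears it down before returning, so no user mapping is visible to kernel code outside the copy. The frame array, page table, window and the `user_setup` layout are all invented for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy model: 4 KiB pages, a user page table mapping user page
 * numbers to physical frames, and one reserved kernel "window" address at
 * which a single user page is mapped only while a copy is in progress.
 * Outside copyin/out no user mapping is visible to kernel code at all. */
#define PAGE_SIZE 4096u
#define USER_PAGES 4                 /* user address space: 0 .. 16 KiB */
#define NFRAMES 8

static uint8_t frames[NFRAMES][PAGE_SIZE]; /* "physical" memory */
static int user_pt[USER_PAGES];            /* user page -> frame, -1 = unmapped */
static int window_frame = -1;              /* frame at the window, -1 = none */

/* Build a sample user address space: pages 1 and 2 mapped, pages 0 and 3 not. */
void user_setup(void) {
    for (unsigned i = 0; i < USER_PAGES; i++) user_pt[i] = -1;
    user_pt[1] = 3; memset(frames[3], 0x11, PAGE_SIZE);
    user_pt[2] = 5; memset(frames[5], 0x22, PAGE_SIZE);
}

static int window_map(uintptr_t upage) {
    if (upage >= USER_PAGES || user_pt[upage] < 0) return -EFAULT;
    window_frame = user_pt[upage];
    return 0;
}
static void window_unmap(void) { window_frame = -1; }
int window_is_mapped(void) { return window_frame >= 0; }

/* copyin: copy len bytes from user address uaddr into kernel buffer dst,
 * one page at a time through the window; the kernel never dereferences a
 * user address directly. Returns 0, or -EFAULT on an unmapped page. */
int copyin(void *dst, uintptr_t uaddr, size_t len) {
    uint8_t *d = dst;
    if (uaddr + len < uaddr) return -EFAULT;           /* address wrap-around */
    while (len > 0) {
        uintptr_t upage = uaddr / PAGE_SIZE;
        size_t off = uaddr % PAGE_SIZE;
        size_t chunk = PAGE_SIZE - off;
        if (chunk > len) chunk = len;
        if (window_map(upage) != 0) return -EFAULT;    /* window stays unmapped */
        memcpy(d, frames[window_frame] + off, chunk);
        window_unmap();                                /* tear down before returning */
        d += chunk; uaddr += chunk; len -= chunk;
    }
    return 0;
}
```

A copy that crosses a page boundary goes through the window twice, and a copy that touches an unmapped user page fails with the window still unmapped.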
