On Tue, Dec 27, 2016 at 02:12:59PM +0100, Wolfgang Solfrank wrote:
> Hi,
>
> >Any cpu that doesn't require special instructions for copyin/out
> >is susceptible to user processes mapping code to address 0 and
> >converting a kernel 'jump through unset pointer' from a panic
> >into a massive security hole (executing process code with the
> >'supervisor' bit set).
>
> Only if you do a naive implementation of copyin/out. Nothing prevents
> you from implementing copyin/out on these cpus by mapping only the
> relevant part of the user address space at some reserved address
> (maybe even one page at a time), do the copying and then unmap the
> user space part. No reason to share the user address space all the
> time.

That requires you do a full 'pmap' change on every system call entry and exit - which will slow things down somewhat.
You don't even want to invalidate the user tlb.

David

--
David Laight: da...@l8s.co.uk