From: Jeff D. <jd...@ka...> - 2000-07-08 01:12:48

sa...@sk... said:
> How would security be reduced by having an alternate system call entry
> point?

It's reduced if the alternate system call entry point can be turned off by the process. One of the proposals was to replace "int 0x80" with a direct call into the kernel. If that is done by a preprocessor, and there is also no system call tracing (this bit wasn't explicitly proposed by anyone), then the direct call can be rewritten by the process back into a system call into the host kernel.

> If so, using 'ud2' to get into the kernel would be the same as using a
> tracing thread... tracing is disabled on entrance, because we 'know'
> we are in safe code...

What is ud2, anyway? Never heard of it...

And there's one thing I forgot to mention:

jd...@ka... said:
> My long-term plan for system calls is to eliminate the tracing thread
> altogether. There are two aspects to this - making threads able to
> PTRACE_CONT and PTRACE_SYSCALL themselves, and allowing threads to
> intercept their own system calls.

<snip>

And that is that plan for eliminating the tracing thread isn't exactly set in stone. If anyone has better ideas, I'll happily drop my own crappy plans, and go with them.

Jeff