Subject: Re: compartmentalization of kernel memory
To: Kamal R Prasad <kamalrpr@in.ibm.com>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-kern
Date: 04/07/2003 09:57:11

On Mon, 7 Apr 2003, Kamal R Prasad wrote:

> On Fri, 4 Apr 2003, Kamal R Prasad wrote:
>
> >No. Because what you're talking about if you do that is not a UNIX kernel.
>
> >To do that compartmentalization, you need different MMU contexts, which
> >means different contexts. While others have commented on exception issues,
> I'm referring to partitioning the heap (so that all malloc()s for a
> particular module are done sequentially within that region). It means that
> a bad pointer doing memory read/write is constrained not to go beyond the
> region. If it still results in an exception, we know for sure that the
> entire address space is not suspect.

First off, please leave a blank line between quoted text and where you
start your response. Otherwise it's rather hard to see where the quote
stops and your answer starts.

Second, how much will that help? Yeah, for the first bad write you can
say, you're writing to memory that should have been a FOO, but once the
first write happens, you can't say much.

I mean that's the whole problem we have now; we can't identify that first
bad write. We only know something's wrong when the kernel dies and memory
all looks like garbage. Since there can be multiple bad writes in a row,
how can you say what this will tell you?

Take care,

Bill
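
An added example, not part of this message or of NetBSD code: a user-space sketch of the per-module heap partitioning under discussion, with one stray write across a region boundary. The module names, `REGION_SIZE`, and all function names are hypothetical; it shows that region bookkeeping can name which module's memory was damaged, while nothing in a shared MMU context stops the store or records who issued it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REGION_SIZE 256 /* constructed size, for illustration */
enum module { MOD_NONE = -1, MOD_FOO, MOD_BAR, MOD_COUNT }; /* hypothetical modules */

/* One address space, carved into a fixed region per module. */
static unsigned char heap[MOD_COUNT * REGION_SIZE];
static size_t used[MOD_COUNT];

/* Bump allocator: a module's allocations are sequential within its region. */
void *region_alloc(enum module m, size_t n)
{
    if (m < 0 || m >= MOD_COUNT || n > REGION_SIZE)
        return NULL;
    n = (n + 7) & ~(size_t)7;              /* 8-byte alignment */
    if (n > REGION_SIZE - used[m])
        return NULL;
    void *p = heap + (size_t)m * REGION_SIZE + used[m];
    used[m] += n;
    return p;
}

/* Map an address back to the module that owns its region. */
enum module region_of(const void *p)
{
    uintptr_t a = (uintptr_t)p, base = (uintptr_t)heap;
    if (a < base || a >= base + sizeof heap)
        return MOD_NONE;
    return (enum module)((a - base) / REGION_SIZE);
}

/* FOO writes through a miscomputed pointer; returns the region that took the hit. */
enum module stray_write_demo(void)
{
    unsigned char *foo = region_alloc(MOD_FOO, 32);
    unsigned char *bar = region_alloc(MOD_BAR, 32);
    memset(bar, 0xAA, 32);
    unsigned char *bad = foo + REGION_SIZE; /* bug: one region too far */
    *bad = 0;              /* same MMU context, so the store succeeds */
    return region_of(bad); /* names the victim region, not the writer */
}

int main(void)
{
    printf("damaged region: %d\n", stray_write_demo());
    return 0;
}
```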