[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Vulnerabilities in Synchronous IPC Designs
From: |
Volkmar Uhlig |
Subject: |
RE: Vulnerabilities in Synchronous IPC Designs |
Date: |
Mon, 2 Jun 2003 20:41:26 +0200 |
> -----Original Message-----
> From: Marcus Brinkmann [mailto:address@hidden
> Sent: Monday, June 02, 2003 7:21 PM
>
> The above strategy is roughly equivalent to the truncation
> option in EROS.
> If more advanced strategies are required, we might not be
> totally out of luck. Although the TBO model does not
> directly transfer to the Hurd, there are other possibilities
> like having the trusted physical memory server allocate
> memory on the clients behalf for the server's use. Maybe
> Neal's container model can have a wired down option and
> extended to cover this case. Such options have yet to be
> explored.
As mentioned before by Espen, Jonathan refers to the old V2 API. X2/V4
supports message aborts and restarts for strings. So one possible way to
avoid the DoS is the following:
- Set receive transfer timeout to zero -- means that the first pagefault
will abort the IPC
- Clients have to touch (i.e. read) their message memory before sending
to make sure/likely it is paged in
- On pagefault the IPC is aborted immediately. Client and server get the
total amount of transferred bytes stored in the Error TCR
- now it is up to a to-be-defined protocol to either restart the message
or continue at the point of the pagefault
Alternatively, you can have one dedicated thread per client which
performs a closed IPC receive and further sandbox malicious clients.
- Volkmar
- Re: Vulnerabilities in Synchronous IPC Designs, (continued)
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Espen Skoglund, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/03
- Re: Vulnerabilities in Synchronous IPC Designs, Kip Macy, 2003/06/06
- Re: Vulnerabilities in Synchronous IPC Designs, Niels Möller, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
- Re: Vulnerabilities in Synchronous IPC Designs, Jean-Charles Salzeber, 2003/06/02
Re: Vulnerabilities in Synchronous IPC Designs, Marcus Brinkmann, 2003/06/02
RE: Vulnerabilities in Synchronous IPC Designs,
Volkmar Uhlig <=
RE: Vulnerabilities in Synchronous IPC Designs, Volkmar Uhlig, 2003/06/02