Message-Id: <20240214053053.982b48d993ae99dad1d59020@linux-foundation.org>
Date: Wed, 14 Feb 2024 05:30:53 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Petr Tesarik <petrtesarik@...weicloud.com>
Cc: Jonathan Corbet <corbet@....net>, David Kaplan <david.kaplan@....com>,
 Larry Dewey <larry.dewey@....com>, Elena Reshetova
 <elena.reshetova@...el.com>, Carlos Bilbao <carlos.bilbao@....com>,
 "Masami Hiramatsu (Google)" <mhiramat@...nel.org>, Randy Dunlap
 <rdunlap@...radead.org>, Petr Mladek <pmladek@...e.com>, "Paul E. McKenney"
 <paulmck@...nel.org>, Eric DeVolder <eric.devolder@...cle.com>, Marc
 Aurèle La France <tsi@...oix.net>, "Gustavo A. R. Silva"
 <gustavoars@...nel.org>, Nhat Pham <nphamcs@...il.com>, Greg Kroah-Hartman
 <gregkh@...uxfoundation.org>, "Christian Brauner (Microsoft)"
 <brauner@...nel.org>, Douglas Anderson <dianders@...omium.org>, Luis
 Chamberlain <mcgrof@...nel.org>, Guenter Roeck <groeck@...omium.org>, Mike
 Christie <michael.christie@...cle.com>, Kent Overstreet
 <kent.overstreet@...ux.dev>, Maninder Singh <maninder1.s@...sung.com>,
 linux-doc@...r.kernel.org (open list:DOCUMENTATION),
 linux-kernel@...r.kernel.org (open list), Roberto Sassu
 <roberto.sassu@...weicloud.com>, petr@...arici.cz, Petr Tesarik
 <petr.tesarik1@...wei-partners.com>
Subject: Re: [PATCH v1 5/5] sbm: SandBox Mode documentation

On Wed, 14 Feb 2024 12:30:35 +0100 Petr Tesarik <petrtesarik@...weicloud.com> wrote:

> +Although data structures are not serialized and deserialized between kernel
> +mode and sandbox mode, all directly and indirectly referenced data structures
> +must be explicitly mapped into the sandbox, which requires some manual effort.
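
Review bot: "which requires some manual effort" at the end of this paragraph leaves the reader without the actual procedure. The text says all directly and indirectly referenced data structures "must be explicitly mapped into the sandbox", but these lines do not say how the caller performs that mapping or what happens when the sandboxed function reaches a structure that was not mapped. Suggest replacing the closing clause with a short description of the mapping step, or a pointer to the section that covers it, and stating the failure behaviour for an access outside the mapped data.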

Maybe I'm missing something here, but...

The requirement that the sandboxed function only ever touch two linear
blocks of memory (yes?) seems a tremendous limitation.  I mean, how can
the sandboxed function call kmalloc()?  How can it call any useful
kernel functions?  They'll all touch memory which lies outside the
sandbox areas?

Perhaps a simple but real-world example would help clarify.
