On Tue, 15 Nov 2011 23:17:41 [email protected] wrote:
> On Tue, Nov 15, 2011 at 12:18 PM, Maxim Ignatenko <[email protected]> wrote:
> > Hi,
> > 
> > I'm currently inventing the wheel^W^W^Wwriting a firewall from scratch
> > and looking for the most convenient way to establish communication between
> > userspace processes and the kernel part. The communication pattern best fits
> > a listening PF_LOCAL socket opened from the kernel, with userspace processes
> > connecting to it. Clients should be able to send requests to and receive
> > responses from the kernel (to retrieve the list of loaded modules, the active
> > ruleset, add or remove rules, ...) and vice versa: the kernel should be able
> > to send a request to a userspace process and receive a response (I'm planning
> > to add interactive features like those in most firewalls for windows(r)).
> > 
> > The first part can be implemented via ioctl, but it should be callable not only
> > by processes with euid == 0, so the supplied pointer to the receive buffer
> > cannot be trusted (is there any mechanism to check memory allocation?)
> > and any unprivileged user can instruct the kernel to write some trash at
> > an arbitrary address (for example, the VM just rebooted ungracefully when I
> > supplied (void*)123 as the pointer to the destination buffer).
> 
> Were you using copyout(9)?  I think FreeBSD's memory isolation between
> processes is pretty decent. I would be very surprised if copyout to an
> invalid address did something other than return EFAULT.  At least the
> amd64 implementation of copyout(9) will also explicitly check that the
> address is a user address, so that you can't corrupt kernel memory
> with a rogue pointer from user-space.
> 

Yep. I've used this https://gitorious.org/acpi_call-freebsd/acpi_call-freebsd/blobs/master/acpi_call.c#line49 for tests.
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"
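The pattern the reply describes, as an added userland model that is not code from either poster: an ioctl-style handler that serves an unprivileged caller without ever dereferencing the caller's pointer, with model_copyout standing in for copyout(9). The request struct, handler, rule string and the "mapped" region are constructed for illustration; the user-address bound is the amd64 VM_MAXUSER_ADDRESS value.

```c
/* Added userland model; not code from the thread.  model_copyout() stands in
 * for copyout(9): it applies the amd64 user-address range check and treats
 * any address outside a constructed "mapped" region as a page fault, which
 * the real kernel's fault handler likewise converts into EFAULT. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define VM_MAXUSER_ADDRESS 0x0000800000000000ULL   /* amd64, 48-bit VA */

static uint8_t user_buf[64];            /* constructed: the caller's buffer */

static int model_copyout(const void *kaddr, void *udaddr, size_t len)
{
    uintptr_t a = (uintptr_t)udaddr;
    /* Reject kernel addresses and wraparound before touching anything, so a
     * rogue pointer from an unprivileged caller cannot reach kernel memory. */
    if (a + len < a || a + len > VM_MAXUSER_ADDRESS)
        return EFAULT;
    /* Stand-in for the fault path: an unmapped user address such as 123
     * faults, and the fault handler turns that into an EFAULT return. */
    if (a < (uintptr_t)user_buf || a + len > (uintptr_t)user_buf + sizeof user_buf)
        return EFAULT;
    memcpy(udaddr, kaddr, len);
    return 0;
}

/* Request as the ioctl layer would hand it to the driver: the struct itself
 * has already been copied in, but the pointer inside it is still untrusted. */
struct fw_req {
    void   *buf;                        /* untrusted user pointer */
    size_t  buflen;                     /* untrusted length */
};

static const char ruleset[] = "pass in proto tcp to port 22";   /* constructed */

/* "Get active ruleset" handler.  It never dereferences req->buf; every byte
 * written on the caller's behalf goes through copyout, so a bad pointer gives
 * an error return instead of a panic and no euid check is needed for memory
 * safety (authorisation is a separate question). */
static int fw_ioctl_getrules(const struct fw_req *req)
{
    size_t len = sizeof ruleset;
    if (req->buflen < len)
        return ENOSPC;                  /* caller's buffer is too small */
    return model_copyout(ruleset, req->buf, len);
}
```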