[EROS-Arch] EROS security bug

Jonathan S. Shapiro shap@eros-os.org
Mon, 12 Mar 2001 20:25:42 -0500


> OC_GetRegs32 followed by OC_SetRegs32 provides a
> machine-independent way to set the PC and SP. It
> shouldn't be necessary to also allow it via
> OC_Process_Swap(ProcPCandSP).

I'm looking into the test discrepancy now, but I disagree with your comment
above. OC_Get/SetRegs is machine dependent. While the call exists on all 32-bit
architectures, the structure returned is inherently architecture
specific. This is one reason why "swap space and PC" was introduced. Swap
space and PC truly is machine independent across all 32-bit architectures.

The other reason is that "swap space and PC" must be called by protospace,
which runs in a purely read-only address space and therefore has no place to
store the result of OC_GetRegs. Because of this, OC_GetRegs cannot be used
there.

Finally, note that OC_SetRegs does not provide a mechanism to simultaneously
change the address space capability. The protospace logic requires a
mechanism that revises both the address space and the PC as a single atomic
operation.

So far as I know, the operation exists only to support protospace, and I'd
be prepared to remove it if protospace could be efficiently re-engineered to
avoid it. At this point, the only way I see to do that is to have a writable
protospace, which would damage the constructor logic pretty badly.

Jonathan
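The atomicity point in the message above (address space capability and PC must change together) can be shown with a small scheduler model. This is an added example, not code from the EROS kernel or from the list author; `Space`, `Process`, `swap_space_and_pc`, `nonatomic_switch` and the page ranges are hypothetical names and constructed values, not the EROS API or its layout.

```python
"""Toy model: why replacing a process's address space and PC must be one
atomic operation.  Hypothetical illustration only; names and address ranges
are constructed and are NOT the EROS kernel interface."""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Space:
    """An address-space capability: a name plus the half-open page ranges
    it maps (constructed values)."""
    name: str
    mapped: tuple  # ((lo, hi), ...)

    def maps(self, addr: int) -> bool:
        return any(lo <= addr < hi for lo, hi in self.mapped)


@dataclass
class Process:
    """Minimal process state: current space capability and program counter."""
    space: Space
    pc: int
    faults: list = field(default_factory=list)

    def run_one(self) -> bool:
        """One scheduler slice: the process faults if its PC is not mapped
        in its current address space.  Returns True if it ran cleanly."""
        if not self.space.maps(self.pc):
            self.faults.append((self.space.name, self.pc))
            return False
        return True

    def swap_space_and_pc(self, new_space: Space, new_pc: int) -> None:
        """Atomic replacement: no slice can ever observe the mixed states
        (new_space, old_pc) or (old_space, new_pc)."""
        self.space, self.pc = new_space, new_pc


# Constructed sample spaces: a read-only protospace and a target space that
# map disjoint ranges, so a PC valid in one is unmapped in the other.
PROTOSPACE = Space("protospace", ((0x1000, 0x2000),))
TARGET = Space("target", ((0x40000000, 0x40010000),))


def nonatomic_switch(proc: Process, new_space: Space, new_pc: int,
                     preempt_between: bool) -> bool:
    """Change space and PC as two separate operations.  If the scheduler
    runs the process between them, it executes at the old PC inside the
    new space and faults."""
    proc.space = new_space
    if preempt_between:
        proc.run_one()
    proc.pc = new_pc
    return proc.run_one()


def atomic_switch(proc: Process, new_space: Space, new_pc: int) -> bool:
    """Change both with the single atomic operation; a preemption cannot
    land between them."""
    proc.swap_space_and_pc(new_space, new_pc)
    return proc.run_one()


def demo() -> tuple:
    """Return (faults with the two-step switch, faults with the atomic one)."""
    p1 = Process(PROTOSPACE, 0x1000)
    nonatomic_switch(p1, TARGET, 0x40000000, preempt_between=True)
    p2 = Process(PROTOSPACE, 0x1000)
    atomic_switch(p2, TARGET, 0x40000000)
    return len(p1.faults), len(p2.faults)


if __name__ == "__main__":
    print("faults (two-step, atomic):", demo())
```

Note that `swap_space_and_pc` takes only inputs and returns nothing, which mirrors the second argument in the message: a caller running from a read-only space has nowhere to store a returned register structure, so an operation that only consumes values is the one it can actually use.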