From: xerofoify@gmail.com (nick)
To: kernelnewbies@lists.kernelnewbies.org
Subject: Reusable Memory Manager
Date: Wed, 22 Apr 2015 22:42:38 -0400
Message-ID: <55385C1E.109@gmail.com>
In-Reply-To: <CAK7rcp-eNq6sutpy1aBh+9UULEgi2xRFSkjQs1TQ4SgkM7dGcw@mail.gmail.com>

On 2015-04-22 10:39 PM, Kenneth Adam Miller wrote:
> So, I have a particular use case that has a lot to do with security.
>
> Basically, we have an intended secure kernel version with grsecurity and
> other patches on it, and we have a specific application that has to do data
> filtering as an inline reference monitor.
>
> The problem is, there are throughput and design considerations that are
> limiting efficiency in the sense that it is highly difficult to make the
> system concurrent and also highly difficult to scale, all while also being
> secure.
>
> Basically, the memory regions have to be encoded at compile time because of
> the way kernel segregation works. This makes the security proof of the
> system far more simple and manageable; it's easy to say that no userland
> monitor which is being given access to a specific memory region can access
> outside of the region to which it is allocated, because it's statically
> set. The tradeoff here is pretty severe, because the static settings that
> have to be adopted pretty much mean that each particular monitor is given a
> specific memory region; if there's a lot of traffic to a specific monitor
> type, then that one type will be overwhelmed, but not even at the rate that
> the machine itself could support. This is because all the other cores are
> potentially sitting unused while the one in this worst case scenario is
> running out of memory and not able to dispatch work to more cores.
>
> So my ultimate question is: is there some reusable, dynamic memory
> allocation manager that can be used? I'm thinking that there has to, at the
> least, be the constructs by which user land processes are managed and
> divvied memory by the kernel itself. Does anybody know where that source
> would be? Where I can go in order to learn more about that?
>
> What we want is a secure way to dynamically allocate memory from these
> static memory page boundaries such that
>
You didn't finish your email such that ... . I would be glad to try and
help if you finish off what your requirements are.
Nick