Mailing Lists: Apple Mailing Lists


Re: zero filling pages



At 0:07 +1000 7/24/03, Wade Tregaskis wrote:
A single process on your machine is exploited, and is now running malicious code. Without zero-filled pages, this process could just repeatedly call vm_allocate and examine the unallocated pages on your system. It could then search for recognizable patterns in the pages (credit card numbers, addresses, social security numbers, etc.).

I wonder if perhaps vm_allocate could be modified so that it tries to return memory last used by the same process, and thus not needing to be zero-filled?

That would make a lot of sense -- for each task, keep a LIFO of free pages -- this also eliminates the round-trip to the kernel for vm_allocate if the request can be satisfied with previously freed pages.

(Specifying a LIFO here because (1) a LIFO can be implemented atomically on a PPC w/o a kernel round trip and (2) recently used pages are more likely to be in the processor cache)

You also probably want a mechanism where the kernel can scavenge free pages from processes if it runs out, which doesn't have to be too fancy because normally free pages will be returned when a process quits.

-Steve
_______________________________________________
darwin-development mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-development
Do not post admin requests to the list. They will be ignored.
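
The scheme discussed in this message, as an added example that is not part of the original post and is not Darwin kernel code: a user-space simulation in which a task reuses its own freed pages from a LIFO without zero-filling, while any page handed out by the kernel is zero-filled first. All names (page_t, task_t, task_alloc, kernel_scavenge) and the sample secret are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 4096
#define NPAGES 8
/* Simulated physical page; the list link lives outside the page contents. */
typedef struct page { struct page *next; unsigned char data[PAGE_SIZE]; } page_t;
typedef struct { page_t *lifo; size_t zero_fills; } task_t; /* per-task free LIFO */
static page_t pool[NPAGES];
static page_t *kernel_free; /* system-wide free list: may hold any task's old data */
static void push(page_t **head, page_t *p) { p->next = *head; *head = p; }
static page_t *pop(page_t **head) { page_t *p = *head; if (p) *head = p->next; return p; }

void kernel_init(void) {
    kernel_free = NULL;
    for (int i = 0; i < NPAGES; i++) push(&kernel_free, &pool[i]);
}

/* Own freed pages come back as-is; pages from the kernel are zero-filled first. */
page_t *task_alloc(task_t *t) {
    page_t *p = pop(&t->lifo);
    if (p) return p;                            /* no kernel trip, no zero-fill */
    if ((p = pop(&kernel_free)) == NULL) return NULL;
    memset(p->data, 0, PAGE_SIZE);              /* page crosses a task boundary */
    t->zero_fills++;
    return p;
}

void task_free(task_t *t, page_t *p) { push(&t->lifo, p); }

/* Kernel reclaims a task's cached pages (memory pressure or task exit). */
size_t kernel_scavenge(task_t *t) {
    size_t n = 0;
    for (page_t *p; (p = pop(&t->lifo)) != NULL; n++) push(&kernel_free, p);
    return n;
}

int main(void) {
    task_t a = {0}, b = {0};
    kernel_init();
    page_t *p = task_alloc(&a);
    memcpy(p->data, "CARD-0000", 10);           /* constructed sample secret */
    task_free(&a, p);
    printf("same task: \"%s\"\n", (char *)task_alloc(&a)->data);
    task_free(&a, p);
    kernel_scavenge(&a);
    printf("other task: byte 0x%02x\n", task_alloc(&b)->data[0]);
    return 0;
}
```

The zero-fill sits on the kernel-to-task path rather than at free time, so scavenged pages stay dirty on the kernel's list and are only cleared when they are about to reach a task.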


