site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=PeZjMRL60DZ9BaCr183tX2fp2GabtuTjEWmhYZrDrPw=; b=sUPf0q4wUxnRVA//ZSLdTims6LLaweyE66mDFtnnXcc62GJm0TeVpvyH7dgguSJ6al lQOtIYgDq9FVvi/YVL3ehR9k3i2SEKRG+CFMKto7Wt4NjBGMAR2wVg4uthycqejIdivM 7IsIurFLFvBq1okLBvWzRD8htHX0ANLEr4LWY= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=oRzeensAamI74Bvqu9GJJ5PIKmQxXk8MQSR+OSiStapLeziDqTvNLwjeDrSdK9jMta WVEv19ohDS3iB2argou+MAnf7z/mwf/S5jc9js0wEVTATCYs91Nay0UZm63Hu/RC5vWz Rs8lWFG9NSoXu/kHm4OJ7fiwcriLe86sr1K6M= Mike, Thank you for your advise! Nobody said about sharing memory with multiple processes and kernel. The plan was for the kernel to map the page into calling process' address space upon initialization and return a pointer (as well as the mach port) to the process. Also, if i just cache the extended key in the kernel and pass requests around without any state when will the kernel know to release the extended key? All in all, looking closer at the IOUserClient as you've suggested i think i will just initialize the extended key with the user client instance, send requests through the sort of synchronous RPC it has there (IOExternalMethodDispatch?) and free the key once calling process closes the user client port or just terminates since this leads to user client termination :) I am relatively new to OSX kernel programming so maybe there is something i should be aware of in this setup? Thanks. Inso Reiges Tue, May 3, 2011 at 1:30 PM, Michael Smith <drivers@mu.org> wrote:
Sharing a page between multiple processes and the kernel is a terrible idea (any process can steal or damage any other process' data). Your best bet is just to pass your requests around using Mach messages (you can leverage IOUserClient and get most of the boring parts handled for free). If you want to cache the results of your key extension, then just save your extended key results in the kernel and e.g. hash the inbound key as your cache index value. = Mike On May 2, 2011, at 8:45 PM, Inso Reiges wrote:
Michael,
I am not sure yet what i am trying to do :) I am exploring possibilities. The major task at hand is as follows. I have an IOService in kernel that stores encryption keys and services crypto requests. Don't ask why crypto is in kernel - this is something i can't currently change. There is a large chunk of work that can be precomputed if several requests use the same encryption key (encryption key extension). I want to create a persistent kernel service that precomputes this chunk of work on initialization, shares a memory page with a user process, a mach port and a semaphore. The plan is for user process to initialize this kernel object with a single key then for all further requests put the data to encrypt or decrypt in the shared memory, send a message through mach port and block on the semaphore while kernel processes the data from the shared memory. After completion kernel wakes the user process through the semaphore. The user process then takes encrypted/decrypted data from the same shared memory buffer.
This is how similar functionality was implemented on Windows and i was hoping to directly port the same idea on OS X. If there is a better way to do this i would be glad to know.
Thanks. Inso Reiges
On Sat, Apr 30, 2011 at 10:04 AM, Michael Smith <drivers@mu.org> wrote:
On Apr 29, 2011, at 6:13 AM, Inso Reiges wrote:
Can i share a semaphore between a user space process and a kernel
task? If yes, how can i do this?
This is almost always the wrong thing to do. In general, the kernel
services requests from user space, it does not compete on equal standing for
resources with user space processes.
What are you actually trying to do?
= Mike
--
True terror is to wake up one morning and discover that your high school
class is running the country. -- Kurt Vonnegut
-- The lyf so short, the craft so long to lerne -- Chaucer
_______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com