On Tue, Apr 1, 2008 at 2:28 AM, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
> At Mon, 31 Mar 2008 21:23:41 -0600, > Joshua Stratton wrote: > > > > I was on the irc channel talking about the feasibility using client-side > > memory buffers for a new network stack. Based on some feedback about > > difficulties of implementing this in the Hurd, I thought I would ask > anyone > > if they thought this would be especially difficult--particularly Marcus > and > > Neal. > > The way to do client side allocations is to have the client pass a > memory object to the server. There is a problem with this approach, > however, as it allows the client to interfere with the server's > operations. > > The problem is exactly the same as that with L4's data spaces. When > the server maps and accesses the memory object, the client can revoke > the mapping at any time (via memory_object_lock_request), causing the > server to fault. If you manage to unmap the memory while the server > is blocked on it (waiting for it to be paged in) and has a lock, > you've successfully created a denial of service. Okay, so it's a bad idea, for example, to juggle ownership of the memory object so the client cannot unmap while the server is operating on it? > > Without changing the Mach interfaces, the best approach is to have the > server allocate the memory and to transfer it to the client using the > normal Mach buffer passing semantics. Great. I'll look into that. > > Neal > >
