Page 1 of 1
[SOLVED] Safe to flag high-level paging structures as USER ?
Posted: Sun Jan 19, 2014 11:32 am
by wichtounet
Hi,
I'm currently working on multitasking support on my OS and I had to map some pages with USER flag (OR 0x4).
What I've done now is to flag all high level tables (PML4T,PDPT,PDT) entries with USER flag and only the Page Directory entries with either USER or SUPERVISOR depending on the need.
I was wondering if it was safe ? Does that mean that a user could modify paging ? Should I totally separate them, by reserving some entries in each structure for kernel and some other for user mode.
Thank you
Re: Is it safe to flag high-level paging structures as USER
Posted: Sun Jan 19, 2014 11:54 am
by brunexgeek
I don't know the structures used in 64bits (my kernel is 32bits), but if you set the page for page directory as USER and your GDT allows, any user program could change it's entries (e.g. overwrite all page tables references).
Re: Is it safe to flag high-level paging structures as USER
Posted: Sun Jan 19, 2014 12:25 pm
by bluemoon
brunexgeek wrote:I don't know the structures used in 64bits (my kernel is 32bits), but if you set the page for page directory as USER and your GDT allows, any user program could change it's entries (e.g. overwrite all page tables references).
This is misleading. To alter the content of a page directory/entry, you have to map such content into logical address. The access flag of such address determinate if user may alter that content.
If you happen to use recursive paging method, you may still prevent user modifying page table by having the flag for such logical address (ie. last entry in most tutorials) to supervisor
Re: Is it safe to flag high-level paging structures as USER
Posted: Sun Jan 19, 2014 12:47 pm
by wichtounet
bluemoon wrote:If you happen to use recursive paging method, you may still prevent user modifying page table by having the flag for such logical address (ie. last entry in most tutorials) to supervisor
I don't use the recursive paging method, but the logical addresses of the page tables are flagged with supervisor. I know that this is already some protection, but I don't know if it is enough.
Re: Is it safe to flag high-level paging structures as USER
Posted: Sun Jan 19, 2014 2:15 pm
by Brendan
Hi,
wichtounet wrote:bluemoon wrote:If you happen to use recursive paging method, you may still prevent user modifying page table by having the flag for such logical address (ie. last entry in most tutorials) to supervisor
I don't use the recursive paging method, but the logical addresses of the page tables are flagged with supervisor. I know that this is already some protection, but I don't know if it is enough.
It's safe. The CPU combines all the flags at each level together to determine the final permissions. If something (writes, execution or "user" access) is prevented at any level then there's no way to allow it at any other level; and if something is allowed at any level then it can be overridden/prevented at any other level.
Cheers,
Brendan
Re: Is it safe to flag high-level paging structures as USER
Posted: Sun Jan 19, 2014 2:32 pm
by wichtounet
Fine, I didn't know of the "combination mechanism". I'll make sure all last level are flagged correctly.
Thanks Brendan
And all the others that answered too, of course.