[okl4-developer] A doubt about blocking receive
Kalamkar, Dhiraj D
dhiraj.d.kalamkar at intel.com
Tue Sep 11 14:41:55 EST 2007
Agree that there is a potential for covert channel. But only microkernel
can keep track of blocked receivers (or senders) and there is no way for
root server (e.g. iguana server) to find out blocked receivers on a
particular sender before killing that particular sender.
Also, microkernel should at least provide support for timeout for
blocking send/receive operations. Otherwise, there is a good potential
for intended or unintended denial of service attack.
Thanks,
Dhiraj
-----Original Message-----
From: developer-bounces at okl4.org [mailto:developer-bounces at okl4.org] On
Behalf Of Gernot Heiser
Sent: Tuesday, September 04, 2007 6:07 PM
To: developer at okl4.org
Subject: Re: [okl4-developer] A doubt about blocking receive
Mwarton wrote:
> You are correct in this case, t1 will remain blocked waiting for t2,
> even if t2 is deleted. However, If t1 was blocked sending to t2, it
> would be aborted and returned failure. The reason for the difference
> is that the kernel does not internally track waiters on a specific
> thread.
Please note that it is inherently not the microkernel's job to keep
track of what partners you might be communicating with, and whether or
not they still exist.
In fact, from the security point of view, this would create a security
hole (covert channel). The present receive behaviour is therefore
required. You can expect the present send behaviour to change in a
future API version, in order to eliminate this potential covert
channel.
Gernot
_______________________________________________
Developer mailing list
Developer at okl4.org
https://lists.okl4.org/mailman/listinfo/developer
More information about the Developer
mailing list