@Conan_Kudo @lanodan @marcan ah sorry, didn't mean to imply it was a *good* idea, just that if you're designing something to be easy to implement, going sector=page is an easy choice.
Notices by Marcus Müller (funkylab@mastodon.social)
Marcus Müller (funkylab@mastodon.social)'s status on Friday, 01-Dec-2023 03:14:59 JST Marcus Müller
Marcus Müller (funkylab@mastodon.social)'s status on Friday, 01-Dec-2023 03:14:58 JST Marcus Müller @Conan_Kudo @lanodan @marcan somewhat relatedly, I haven't been following things, but did memory folios actually get a lot of traction?
Marcus Müller (funkylab@mastodon.social)'s status on Friday, 01-Dec-2023 01:43:24 JST Marcus Müller @lanodan @marcan the MMU / mmap() can only map pages between kernel space and userland, so it *does* make a lot of sense
Marcus Müller (funkylab@mastodon.social)'s status on Saturday, 07-Oct-2023 22:24:02 JST Marcus Müller @pid_eins hm. But that basically necessitates solid RPC between an unprivileged client and a privileged system management daemon, which in itself is exactly where we tend to find parsing bugs for decades (like the glibc one triggering this discussion is).
I'd honestly rather see a kind-of-single-syscall-suid mechanism that only works with a sensible verifiable pledge()-equivalent. Like, think of an xattr that contains eBPF code describing that a privileged open can open exactly one file, and...