> >a single fixed memory pool on a compartmented mode system or processes can
> >signal across the security boundary using out of memory as indications.
>
> Only on overcommited systems.
Wrong. Think about it
> Not really.. all it takes is a guaranteed memory allocation. No overcommitting
> memory. Thats the way it works with UNICOS, and I believe that is the same
> for trusted HP/UX and trusted Solaris. I have seen it with trusted IRIX.
If that is the case and there is no other checking then I think they all need
stripping of their security level. Guaranteed memory allocation makes the
signalling easier
I malloc 160Mb and see if it failed. If it failed then the big batch job in
the other compartment is running which means the battle sim is running.
The failed allocation gave me information about another compartment.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 31 2000 - 21:00:19 EST