Question

In: Computer Science

Why does the kernel need to validate pointers passed into a system call? What could go...

Why does the kernel need to validate pointers passed into a system call? What could go wrong if it did not validate user pointers?

Solutions

Expert Solution

The operating system provide certain services, now system calls provide interface to the services that are available by the operating system. the program can be execute into two modes:

  1. User Mode - if program executed on user mode then that does not have direct access to the memory to the hardware and such resouces.
  2. Kernel Mode - if program executed on kernal mode that program has direct access to the memory and hardware and such resources.

let us discuss on kernel mode to easy understand why kernel need validate pointers passed into system call.

if a program execute in kernel mode then it is privileged mode because it is having direct access to many of the resources but problem is that when program is executed in kernal mode, if the program happen to crash during its execution then the entire system would crash or entire system will come to a halt so that is one problem of kernel mode.

when program is executed in user mode, it may need to access of some of the resources like memory or hardware so when the program needs access to these resources it makes a call to your operating system telling that I need access to certain resources so it makes a call and when it makes a call for an instance the program switched from user mode to kernel mode so it can use those resources. the system calls made by program to access certain resources, the system call is programmatic way in which a computer request a service from the kernel of the operation system.

The kernel need to validate the pointers because attackers may can take benifits of reads from unchecked pointers. it is very imprtatance of validating pointers before passing into system call, if kernel forget to perform this check then possible of harm user get control of the system.

When you turn on your computer the CPU starts in level 0. the kernel then can configure stuff with the address through the instruction, then later drops privilege of the CPU to level, now hardware is kind of lockdown, we cannot configure register, hardware. we only can enter level 0 again, through a system call but we cannot control what will be executed, because the address is fixed.

For example, let us consider writing the program reading the data and copy the content from one file to another file.

now how system call are made for this simple task, firstly in order to copy the content of an input file to an output file we need to get the name of the input file, we need to know which is our input file from which we are going to copy the contents so the first step is to acquire the input file name so we need a system call in order to acquire the input file name and then we write a prompt to the screen that means you are displaying a prompt on the screen asking the user to enter the name of the input file so for writing the prompt to the scene you need another system call and then you need to accept the input that the user gives you so that need another system call. the system call are made when we want to access some resources of system.

Now, Acquiring the input file name we need system call, writing the prompt into the screen so going to user hardware output device therefore need an system call for accessing hardware and then accepting the input either the keyword or mouse which need system call. once we get the input file then we need to get the output file name from which the file going to copying the contents which is destination file name at his scenario we require system call.

When users enters the name of output file using the keyboard that need to accept the input for that we need an system call. we need to open the input file so start copy that things which need system call again, if file doesn't exists then you have to abort that means terminate the execution. we need to create the output file using the file entered, if the file exists then also you have to abort because you are try to create new file into which you are to copy the contents of the source file to the destination file. now the name of the output file that we provided or the name of distination provided if it already exists then you cannot create output file. you have to create new file are not allow to file already exists.

Now ready to write the input file to output file, for that need to run the loop because we need to copy all the contents of the input file to the output file. the loops runs unitl it fails, here also error can be accur like hardware errors at that time need to abort so we need system call. after everything copied from input file to output file then need to close the output file so closing output file again you need a system call. we need to display the message on screen copyring process is complete so let the user know that copyring process is complete.

Once done the process, need to terminate normally for that also we require system call. In this case we see that for many operation we require the system call.

according to example, it is easy to understand how kernel need to validate pointers pointers into system call, without validating what may problem accurs which execution.


Related Solutions

What are chylomicrons? Why can’t they go directly into the circulatory system? Where do they go?...
What are chylomicrons? Why can’t they go directly into the circulatory system? Where do they go? a. Which of the four basic processes take place in the mouth (you can list more than one)? What are sphincters and what are their purposes? What types of materials are contained in saliva? What is peristalsis? How does it ensure one-way movement? Which of the four basic processes take place in the stomach? List three secretions from the stomach and state what these...
Write a C program using system call I/O to a) open an existing text file passed...
Write a C program using system call I/O to a) open an existing text file passed to your program as a command line argument, then b) display the content of the file, c) ask the user what information he/she wants to append d) receive the info from the user via keyboard e) append the info received in d) to the end of the file f) display the updated content of the file
Why does an auditor need to understand a client’s IT system? Explain how IT affects the...
Why does an auditor need to understand a client’s IT system? Explain how IT affects the financial statements.
Why does the medical assistant need to understand how to convert the household system and the...
Why does the medical assistant need to understand how to convert the household system and the metric system when most medication orders are given in the metric system?
1. Why there needs to be user thread and kernel thread? 2. What are the advantages...
1. Why there needs to be user thread and kernel thread? 2. What are the advantages and disadvantages of writing an operating system in a highlevel language, such as C? 3. What is a critical section problem? Demonstrate that with an example. 4. With an example, show how critical section can led to dead locks. 5. Write two differences between a network OS and a distributed OS. 6. Identify the following environments as hard, firm or soft real time. Give...
What is regulation? Why does government see a need to regulate?
-What is regulation? Why does government see a need to regulate? Differentiate between economic and social regulation. What social regulations do you think are most important, and why? What social regulations ought to be eliminated? Explain.-What does corporate accountability mean to you? How important is corporate political transparency?
What features could be beneficial to our own healthcare system in the U.S. and why? What...
What features could be beneficial to our own healthcare system in the U.S. and why? What are the tradeoffs structurally and financially? Who benefits the most? The least if they were to be implemented in the U.S.?
Why does Beauvoir call women the second sex?
Why does Beauvoir call women the second sex?
1. What are ODP transparencies? What is their purpose? Does a distributed system need to provide...
1. What are ODP transparencies? What is their purpose? Does a distributed system need to provide all transparencies? How are transparencies provided in an ODP-compliant system. 2. Describe the five ODP viewpoints. Why should we describe a distributed system using different viewpoints? What is the ideal way to design a distributed system using ODP? If we are starting with an existing system that does not use ODP, how should we proceed?
1. What is the need of a sub-station in the power system ? 2. Why are...
1. What is the need of a sub-station in the power system ? 2. Why are pole-mounted sub-stations very popular ? 3. Where we erect a terminal sub-station ? 4. Why do we use isolators on both sides of circuit breaker ? 5. What is the utility of instrument transformers in sub-stations ?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT