First page Back Continue Last page Summary Graphics
Kernel security model
You may not change kernel memory
Implemented on physical machines with help from hardware
UML has no such assistance
Ability to change kernel memory allows escape from UML
The security model of the kernel is simple - kernel memory is protected against modification by userspace. Any information that the kernel needs to maintain its integrity is kept inside the kernel.
Physical machines have help from the CPU in implementing kernel memory protection. UML has no such help from its "processor", the host Linux system, so implementing a separate protected kernel memory space is somewhat complicated.
However complicated it may be, it is still vital for security applications, since the ability to modify UML kernel data from a process would provide the ability to break out of UML.