No think, how can we do a non-executable stack to help prevent code injection via stack buffer?
– used by windows, os X, Linux
OS(Kernel) resides in a portion of each process’s address space
True for each process, processes can cross the fence only in controlled/limited ways.
32-bit Linux: Lower 3GB for user code/data, top 1GB for kernel
Corresponds to x86 privilege ring transitions
Windows and OS X similar
DOS had no such fence, any process could alter DOS and viruses could spread by hooking DOS interrupt handlers via kernel changes.
Linux User/Kernel Memory Split
Kernel Mode Space/ User Mode Space
Complete Mediation
-Make sure that no protected resource could be accessed without going through the TCB
-TCB acts as a reference monitor that cannot be bypassed
-Privileged instructions
User code cannot access OS part of address space without changing to system mode
User code cannot access physical resources because they require privileged instructions (e.g. servicing interrupts) which can only be executed in system mode.
OS virtualizes physical resources and provides and API for virtualized resources
File for storing persistent data on disk
Virtual resource must be translated to physical resource handle whch cn only be done by OS, which ensures complete mediation