[Info-vax] Android development Was Re: OT: Larry Ellison takes retirement as CEO of Oracle

Johnny Billquist bqt at softjar.se
Tue Sep 23 18:02:25 EDT 2014


On 2014-09-23 21:24, JF Mezei wrote:
> On 14-09-23 14:20, John Reagan wrote:
>
>> SYS$QIO (and all system services) are specially known to the linker/image activator (called the public vectors).
>
> Would it be correct to state that the image activator would simply stick
> the address of SYS$QIO entry point in the loaded executable ?

I think that John Reagan simplified things a little in his explanation.
The SYS$QIO routine that you might call from, say FORTRAN-77, is 
actually a normal library routine that is included from STARLET (I would 
guess). It's no different from any other routine, written in any 
language, that you might call from your code.

However, the SYS$QIO routine really only does a rehash of all the 
parameters, and then does a $QIO system call, which, once again, just 
causes a trap to the kernel, where everything actually takes place.

>> Privilege checks are performed by the services against the process' current privs.
>
> But surely system services perform operations that would not be
> permitted if done by the user application that has no special privs ?

Correct.

> So, when my user code takes the address of SYS$QIO furnished by the
> image activator and does a "CALL" instruction to it, what happens to
> allow my process (without privs) to be able to perform privileged
> operations because the code resides in area of memory that contains
> system services code ?

Uh. No. It doesn't work that way.
Your process, if you do not have any privileges, will not be able to 
perform any privileged operations. $QIO might, or might not, require 
privileges, depending on the function provided, and possibly other 
arguments. All the checking for this is done in the kernel, and it is 
done against the privileges your program is running with.

> Put it another way: if I were to take the exact same
> instructions/arguments located in the SYS$QIO system service and run
> them inside my process, it would not have the required privileges and
> fail, right ? So what happens to magically grant the same code
> privileges when I branch to a certain area of memory ?

It isn't possible. As others pointed out, your shared libraries do not 
have privileges themselves. The only privileges are on your whole 
process, and they apply no matter what part of your memory space the 
system call is made from.

	Johnny