Lines Matching full:or
10 isolated from other user mode threads and from the kernel. A flawed or
11 malicious user mode thread cannot leak or modify the private data/resources
12 of another thread or the kernel, and cannot interfere with or
13 control another user mode thread or the kernel.
18 could otherwise silently or spectacularly corrupt the system.
21 protocols, and filesystems such that malicious third-party code or data
22 cannot compromise the kernel or other threads.
26 isolated from each other if one crashes or is otherwise compromised.
34 - We prevent access to memory not specifically granted, or incorrect access to
48 by a supervisor thread, or thread stacks used to handle system call
49 privilege elevations, interrupts, or CPU exceptions.
65 - We prevent use of device drivers or kernel objects not specifically granted,
66 with the permission granularity on a per object or per driver instance
69 - We validate kernel or driver API calls with incorrect parameters that would
70 otherwise cause a crash or corruption of data structures private to the
75 - Using parameters outside of proper bounds or with nonsensical values.
78 access to read or write, depending on the semantics of the API.
87 - We prevent disabling of or tampering with kernel-defined and
138 must be done on the thread's behalf through system calls, or specifically
142 domains, or via kernel objects such as semaphores and pipes.
151 - User threads by default have no permission to access any kernel object or
153 another thread that is either in supervisor mode or has permission on both
159 - For performance and footprint reasons Zephyr normally does little or no
160 parameter error checking for kernel object or device driver APIs. Access from
163 the object, check the validity of other parameters through bounds checking or
187 instantiate device drivers, or define system calls, regardless of what