Hacker News
by _cs2017_ 2641 days ago
Since you make a very strong claim on a very complex topic, would you mind if I asked you to share whether you have expertise / credentials on drivers and security?

Edit: I'm not sure if it's considered appropriate to ask for credentials on HN. There's one way to find out :)

2 comments

A driver that allows mapping any page is like recording a magician from all angles.

The only reasonable usage of such a situation is for the magician him/herself, to study his/her own performance. And even then, it is not usually done that way.

There's a lot of situations where you map in trampolines to perform work inside a process on behalf of that process.
The article is about a driver that allows mapping any physical page.
That majority isn't.

And while there are better ways to handle it, and it wouldn't pass a design review of mine, it's pretty common to make a driver-specific /dev/mem equivalent. For instance https://forum.xda-developers.com/showthread.php?t=2057818

I am not sure what you are trying to say.

Any driver for a multiuser OS that essentially bypasses protection mechanisms by the kernel for non-root users is broken, period.

There is no argument about it.

What is so complex about it? This is a very simple code injection technique ported to kernel space. Only, of course, there is essentially no use for code injection in any sort of production software.