BATTLE OF SKM AND IUM
blackhat2015
blackhat2015
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
MAILBOXES<br />
• Secure Communications Channel between <strong>IUM</strong> and NTOS<br />
• Each Secure Process can have up to 8 Mailbox Slots<br />
• Once a slot is ‘filled’, it must be retrieved before it can be used again<br />
• Each slot can contain up to 4092 bytes of data (4 bytes are used to store the size, for a total of 1 page)<br />
• PostMailbox will fill a slot on the <strong>IUM</strong> side<br />
• <strong>SKM</strong> side uses SkRetrieveMailbox to read the data, and then performs a Normal Mode Service Call to<br />
copy the mailbox data to NTOS<br />
• NTOS can access mailboxes by using the VslRetrieveMailbox API which is exported by the kernel