sec: Add multiprocess slides

Signed-off-by: Holger Dengler <dengler@linutronix.de>

3 files changed, 134 insertions, 0 deletions

diff --git a/security/advanced/Makefile b/security/advanced/Makefile
index 9c1bb83..cae6550 100644
--- a/security/advanced/Makefile
+++ b/security/advanced/Makefile
@@ -1,3 +1,4 @@
 obj-$(CONFIG_SECURITY_ADV) += pres_advanced_sec.pdf
 obj-$(CONFIG_SECURITY_ADV) += pres_capability.pdf
 obj-$(CONFIG_SECURITY_ADV) += pres_exploit.pdf
+obj-$(CONFIG_SECURITY_ADV) += pres_process_thread.pdf
diff --git a/security/advanced/frm_process_thread.tex b/security/advanced/frm_process_thread.tex
new file mode 100644
index 0000000..b58a452
--- /dev/null
+++ b/security/advanced/frm_process_thread.tex
@@ -0,0 +1,113 @@
+% ----------------------------
+\subsubsection{Process Isolation}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Why isolating tasks?}
+\begin{figure}[h]
+\centering
+\includegraphics[width=5cm]{images/multithread_norm.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Multithreaded Application under attack}
+\begin{figure}[h]
+\centering
+\includegraphics[width=5cm]{images/multithread_attack.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Multi-process vs. Multi-thread}
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/multiproc_norm.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Multi-process under attack}
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/multiproc_attack.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Memory Management}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Memory Manangement}
+\begin{itemize}
+\item create process context
+\item overload VMA
+\end{itemize}
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/proc_isol.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\subsubsection{Multiprocess Programming}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Multiprocess Programming}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.45\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{Program:}
+ \begin{tiny}
+ \begin{verbatim}
+[...]
+pid = fork();
+switch (pid) {
+case -1:
+        /* error handling */
+case 0:
+        /* child processing */
+        execve(argv[0], &argv[0], envp);
+        break;
+default:
+        /* parent processing */
+        [...]
+        pid = wait(&status);
+}
+[...]
+ \end{verbatim}
+ \end{tiny}
+ \end{beamerboxesrounded}
+ \end{column}
+ \begin{column}{0.45\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{Arguments:}
+ \begin{tiny}
+ \begin{verbatim}
+char *argv[] = {
+        "/bin/myappl",
+        "--config",
+        "/etc/myconfig",
+        NULL,
+};
+ \end{verbatim}
+ \end{tiny}
+ \end{beamerboxesrounded}
+ \begin{beamerboxesrounded}[shadow=true]{Environment:}
+ \begin{tiny}
+ \begin{verbatim}
+char *envp[] = {
+        "HOME=/myhome",
+        "PATH=/bin:/usr/bin",
+        "TZ=UTC0",
+        NULL,
+};
+ \end{verbatim}
+ \end{tiny}
+ \end{beamerboxesrounded}
+ \end{column}
+\end{columns}
+\end{frame}
diff --git a/security/advanced/pres_process_thread.tex b/security/advanced/pres_process_thread.tex
new file mode 100644
index 0000000..a58f449
--- /dev/null
+++ b/security/advanced/pres_process_thread.tex
@@ -0,0 +1,20 @@
+\input{configpres}
+
+% ----------------------------
+\subsection{Linux Process Isolation}
+
+\title{Linux Process Isolation}
+\maketitle
+
+% ----------------------------
+\begin{frame}
+\frametitle{Overview}
+\tableofcontents
+\end{frame}
+
+% ----------------------------
+\input{security/advanced/frm_process_thread.tex}
+
+% ----------------------------
+\subsection*{}
+\input{tailpres}