Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch

* Rusty Russell <[email protected]> wrote:

> AFAICT we'll pay one extra TLB entry for this patch.  Zach had a patch 
> which left the vsyscall page at the top of memory (minus hole for 
> hypervisor) and patched the ELF header at boot.

i'd suggest the solution from exec-shield (which has been there for a 
long time), which also randomizes the vsyscall vma. Exploits are already 
starting to use the vsyscall page (with predictable addresses) to 
circumvent randomization, it provides 'interesting' instructions to act 
as a syscall-functionality building block. Moving that address to 
another predictable place solves the virtualization problem, but doesnt 
solve the address-space randomization problem.

	Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
  - From: Rusty Russell <[email protected]>
- Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
  - From: Zachary Amsden <[email protected]>

References:
- [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
  - From: Rusty Russell <[email protected]>

Prev by Date: SDIO - crc check of previous command failed
Next by Date: Re: acpi_power_off doesn't
Previous by thread: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
Next by thread: Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]