Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)

From: Alan Cox
Date: Wed Jun 03 2009 - 12:14:33 EST

Next message: Gábor Stefanik: "Re: linux-next: Tree for June 3 (rfkill)"
Previous message: Linus Torvalds: "Re: [benchmark] 1% performance overhead of paravirt_ops on nativekernels"
In reply to: Linus Torvalds: "Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)"
Next in thread: Linus Torvalds: "Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> It defaults to 64kB in at least the x86 defconfig files, but to 0 in the
> Kconfig defaults. Also, for some reason it has a "depends on SECURITY",
> which means that if you just default to the old-style unix security you'll
> lose it.
>
> So there are several ways to disable it by mistake. I don't know what
> distros do.

Fedora at least uses SELinux to manage it. You need some kind of security
policy engine running as a few apps really need to map low space (mostly
for vm86)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gábor Stefanik: "Re: linux-next: Tree for June 3 (rfkill)"
Previous message: Linus Torvalds: "Re: [benchmark] 1% performance overhead of paravirt_ops on nativekernels"
In reply to: Linus Torvalds: "Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)"
Next in thread: Linus Torvalds: "Re: Security fix for remapping of page 0 (was [PATCH] ChangeZERO_SIZE_PTR to point at unmapped space)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]