Re: [PATCH v4 09/10] x86-64: Randomize int 0xcc magic al values at boot

From: Andrew Lutomirski
Date: Tue May 31 2011 - 12:11:08 EST


On Tue, May 31, 2011 at 11:56 AM, Andrew Lutomirski <luto@xxxxxxx> wrote:
> We could scrap int 0xcc entirely and emulate on page fault, but that
> is slower and has other problems (like breaking anything that thinks
> it can look at a call target in a binary and dereference that
> address).
>
> Here's a possibly dumb/evil idea:
>
> Put real syscalls in the vsyscall page but mark the page NX.  Then
> emulate the vsyscalls on the PF_INSTR fault when userspace jumps to
> the correct address but send SIGSEGV for the wrong address.
>
> Down side: it's even more complexity for the same silly case.

Scratch that. It's incompatible with keeping time() fast for now.

>
> --Andy
>
>>
>> Thanks,
>>
>>        Ingo
>>
>