Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location

From: Thomas Garnier
Date: Thu Jan 05 2017 - 14:03:44 EST

Next message: Jason Gunthorpe: "Re: Enabling peer to peer device transactions for PCIe devices"
Previous message: Arjan van de Ven: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
In reply to: Arjan van de Ven: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
Next in thread: Borislav Petkov: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 5, 2017 at 10:56 AM, Arjan van de Ven <arjan@xxxxxxxxxxxxxxx> wrote:
> On 1/5/2017 8:40 AM, Thomas Garnier wrote:
>>
>> Well, it happens only when KASLR memory randomization is enabled. Do
>> you think it should have a separate config option?
>
>
> no I would want it a runtime option.... "sgdt from ring 3" is going away
> with UMIP (and is already possibly gone in virtual machines, see
> https://lwn.net/Articles/694385/) and for those cases it would be a shame
> to lose the randomization
>

That's correct. When UMIP is enabled, we should disable fixed location
for both GDT and IDT. Glad to do that when UMIP support is added.

--
Thomas

Next message: Jason Gunthorpe: "Re: Enabling peer to peer device transactions for PCIe devices"
Previous message: Arjan van de Ven: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
In reply to: Arjan van de Ven: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
Next in thread: Borislav Petkov: "Re: [RFC] x86/mm/KASLR: Remap GDTs at fixed location"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]