Prevent list poison values from being mapped by userspace processes
Russell King - ARM Linux
linux at arm.linux.org.uk
Mon Aug 24 12:14:28 PDT 2015
On Mon, Aug 24, 2015 at 11:51:04AM -0700, Kees Cook wrote:
> On Mon, Aug 24, 2015 at 11:47 AM, Russell King - ARM Linux
> <linux at arm.linux.org.uk> wrote:
> > That's something which Catalin indicated that he'll work on. However,
> > he said in a public email last week that he won't be around for a while.
> >
> > So, I have no immediate solution for LPAE - it looks like LPAE will
> > require switching the page tables on kernel entry or exit, and again
> > each and every time we want to perform a userspace access. How this
> > is done is not something that has been discussed, and neither do we
> > yet know how expensive this will be. There are a number of places in
> > the kernel where a large number of get_user()s or put_user()s follow
> > one after each other, which necessitates switching back and forth
> > multiple times. We may need to address some of those areas by
> > converting them to copy_(to|from)_user().
>
> By the way, have you looked at grsecurity's implementation of these
> protections? They've been using domains for a while now, and I think
> have an LPAE solution as well.
*Sigh*.
No, and I really don't care - if people want to do development work out
of the mainline kernel and not bother to talk about getting it upstream,
it's their loss. As far as I'm concerned, such external work doesn't
exist.
--
FTTC broadband for 0.8mile line: currently at 10.5Mbps down 400kbps up
according to speedtest.net.
More information about the linux-arm-kernel
mailing list