From: Borislav Petkov <bp@alien8.de>
To: Andy Lutomirski <luto@MIT.EDU>
Cc: Thomas Gleixner <tglx@linutronix.de>, Ingo Molnar <mingo@elte.hu>,
x86@kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 2/5] x86-64: Give vvars their own page
Date: Sun, 29 May 2011 22:34:02 +0200 [thread overview]
Message-ID: <20110529203402.GB1192@liondog.tnic> (raw)
In-Reply-To: <80895427afdff1cb56c7f02d567f92ce2e1fa9d8.1306517576.git.luto@mit.edu>
On Fri, May 27, 2011 at 01:38:39PM -0400, Andy Lutomirski wrote:
> Move vvars out of the vsyscall page into their own page and mark it
> NX.
>
> Without this patch, an attacker who can force a daemon to call some
> fixed address could wait until the time contains, say, 0xCD80, and
> then execute the current time.
>
> Signed-off-by: Andy Lutomirski <luto@mit.edu>
> ---
> arch/x86/include/asm/fixmap.h | 1 +
> arch/x86/include/asm/pgtable_types.h | 2 ++
> arch/x86/include/asm/vvar.h | 22 ++++++++++------------
> arch/x86/kernel/vmlinux.lds.S | 27 ++++++++++++++++-----------
> arch/x86/kernel/vsyscall_64.c | 5 +++++
> tools/power/x86/turbostat/turbostat | Bin 0 -> 29200 bytes
You've added the turbostat binary to the diffstat too. I believe this
wasn't your intention, no? :)
--
Regards/Gruss,
Boris.
next prev parent reply other threads:[~2011-05-29 20:34 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-27 17:38 [PATCH 0/5] x86-64: Remove syscall instructions at fixed addresses Andy Lutomirski
2011-05-27 17:38 ` [PATCH 1/5] x86-64: Fix alignment of jiffies variable Andy Lutomirski
2011-05-27 17:38 ` [PATCH 2/5] x86-64: Give vvars their own page Andy Lutomirski
2011-05-29 20:34 ` Borislav Petkov [this message]
2011-05-30 1:37 ` Andrew Lutomirski
2011-05-27 17:38 ` [PATCH 3/5] x86-64: Remove kernel.vsyscall64 sysctl Andy Lutomirski
2011-05-27 17:38 ` [PATCH 4/5] x86-64: Replace vsyscall gettimeofday fallback with int 0xcc Andy Lutomirski
2011-05-29 19:10 ` Ingo Molnar
2011-05-29 19:23 ` Andrew Lutomirski
2011-05-29 19:43 ` Ingo Molnar
2011-05-29 19:49 ` Ingo Molnar
2011-05-29 19:57 ` Andrew Lutomirski
2011-05-29 20:01 ` Ingo Molnar
2011-05-29 20:04 ` Andrew Lutomirski
2011-05-29 20:26 ` Borislav Petkov
2011-05-29 19:49 ` Jesper Juhl
2011-05-29 19:54 ` Jesper Juhl
2011-05-29 20:05 ` Andrew Lutomirski
2011-05-29 20:07 ` Jesper Juhl
2011-05-27 17:38 ` [PATCH 5/5] x86-64: Map the HPET NX Andy Lutomirski
2011-05-29 19:19 ` [PATCH 0/5] x86-64: Remove syscall instructions at fixed addresses Ingo Molnar
2011-05-31 2:33 ` Andrew Lutomirski
2011-05-31 8:07 ` Ingo Molnar
2011-05-31 12:27 ` Andrew Lutomirski
2011-05-31 12:54 ` Ingo Molnar
2011-05-31 13:06 ` Andrew Lutomirski
2011-05-31 13:11 ` Ingo Molnar
2011-05-31 13:17 ` Andrew Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110529203402.GB1192@liondog.tnic \
--to=bp@alien8.de \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@MIT.EDU \
--cc=mingo@elte.hu \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.