On 04/17/2018 05:25 PM, speck for Jiri Kosina wrote:
> On Tue, 17 Apr 2018, speck for Thomas Gleixner wrote:
>
>> The prctl is an optimization which can be done afterwards and we first
>> need to agree whether we want it at all. I'm not too fond of yet another
>> conditional branch in the entry/exit code. The code patching there is
>> already bad enough. If we keep up adding this crap at that rate then we
>> have sooner than later more NOOPs and conditionals than actual code.
>
> Plus the prctl() approach opens a potential hole for attacks that can first
> trick some vulnerable binary to call prctl() (ROP, return into libc ...)
> on itself.

The proposal would be that it only allows you to go one-way. You can say "I am vulnerable", turn off MD, but you can't say "I am not vulnerable".

Jon.

-- 
Computer Architect | Sent from my Fedora powered laptop
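The one-way control Jon describes, modelled in user space as an added example (this is not code from the thread, from Jon, or from the kernel; `struct task_spec`, `spec_ctl()`, `spec_fork()` and the `SPEC_*` values are hypothetical names). The point it shows is the one Jiri's objection turns on: once a task has declared "I am vulnerable" and had MD turned off, a later call, whether legitimate or reached through a ROP chain, cannot turn MD back on. That the latch is inherited by a forked child is an assumption added here, not something the thread states.

```c
/* Added example, not from the thread or the kernel: a user-space model of a
 * one-way ("latching") per-task speculation control. All names are
 * hypothetical. */
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Per-task state. md_enabled models memory disambiguation being active for
 * this task; latched records that the task has opted out, which is never
 * cleared. */
struct task_spec {
    bool md_enabled;
    bool latched;
};

enum { SPEC_DISABLE = 0, SPEC_ENABLE = 1 };

/* One-way control. Returns 0 on success, -EPERM when anyone (the program
 * itself or a ROP gadget acting in its name) tries to re-enable MD after the
 * task has said "I am vulnerable", -EINVAL for an unknown operation. */
int spec_ctl(struct task_spec *t, int op)
{
    switch (op) {
    case SPEC_DISABLE:
        /* Always allowed: only ever makes the task safer. */
        t->md_enabled = false;
        t->latched = true;
        return 0;
    case SPEC_ENABLE:
        if (t->latched)
            return -EPERM;  /* "I am not vulnerable" is refused once latched */
        t->md_enabled = true;
        return 0;
    default:
        return -EINVAL;
    }
}

/* Assumed here: a child inherits both the state and the latch, so spawning a
 * new process from the hardened one does not escape it. */
struct task_spec spec_fork(const struct task_spec *parent)
{
    return *parent;
}

int main(void)
{
    struct task_spec t = { .md_enabled = true, .latched = false };

    spec_ctl(&t, SPEC_DISABLE);               /* program opts out */
    int r = spec_ctl(&t, SPEC_ENABLE);        /* simulated ROP attempt */
    printf("re-enable after opt-out: %d (md_enabled=%d)\n", r, t.md_enabled);
    return 0;
}
```

The attack Jiri worries about only works if the control can move the task in the unsafe direction; with the latch, the worst a hijacked call can do is turn MD off, which is what the program would have asked for anyway.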