linux-kernel.vger.kernel.org archive mirror
From: Dave Hansen <dave.hansen@intel.com>
To: Igor Stoppa <igor.stoppa@huawei.com>,
	Michal Hocko <mhocko@kernel.org>,
	Laura Abbott <labbott@redhat.com>
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	"kernel-hardening@lists.openwall.com" 
	<kernel-hardening@lists.openwall.com>
Subject: Re: RFC v2: post-init-read-only protection for data allocated dynamically
Date: Wed, 10 May 2017 08:45:28 -0700
Message-ID: <b780ac13-4fc3-ac07-f0c0-7a6cc8dae694@intel.com>
In-Reply-To: <1a8cc1f4-0b72-34ea-43ad-5ece22a8d5cf@huawei.com>

On 05/10/2017 08:19 AM, Igor Stoppa wrote:
> So I'd like to play a little what-if scenario:
> what if I was to support exclusively virtual memory and convert to it
> everything that might need sealing?

Because of the issues related to fracturing large pages, you might have
had to go this route eventually anyway.  Changing the kernel linear map
isn't nice.

FWIW, you could test this scheme by just converting all the users to
vmalloc() and seeing what breaks.  They'd all end up rounding up all
their allocations to PAGE_SIZE, but that'd be fine for testing.

Could you point out 5 or 10 places in the kernel that you want to convert?
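
A user-space analogue of the test suggested in the message above, added here as an illustration and not code from the thread or the kernel: mmap() and mprotect() stand in for vmalloc() and the sealing step, showing that a small object costs a whole page and that writes fault once it is sealed. All function names are hypothetical and the sample string is constructed.

```c
/* Hypothetical user-space stand-ins: mmap()/mprotect() for vmalloc() and sealing. */
#define _GNU_SOURCE   /* exposes MAP_ANONYMOUS under strict -std= modes */
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Round a request up to whole pages, as a page-granular allocator must. */
static size_t page_round_up(size_t len)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    return (len + page - 1) / page * page;
}

/* Allocate writable, page-aligned memory for data filled in during init. */
static void *sealable_alloc(size_t len)
{
    void *p = mmap(NULL, page_round_up(len), PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : p;
}

/* Seal: drop write permission on every page backing the allocation. */
static int seal(void *p, size_t len)
{
    return mprotect(p, page_round_up(len), PROT_READ);
}

/* Probe from a child process: 1 if a write to p faults, 0 if it succeeds. */
static int write_faults(volatile char *p)
{
    int status = 0;
    pid_t pid = fork();
    if (pid == 0) {
        *p = 'X';   /* the child dies here once the page is read-only */
        _exit(0);
    }
    if (pid < 0 || waitpid(pid, &status, 0) < 0)
        return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

int main(void)
{
    char *cfg = sealable_alloc(24);          /* 24 bytes requested, one page used */
    if (!cfg || write_faults(cfg)) return 1; /* must be writable during init */
    strcpy(cfg, "constructed sample");
    return seal(cfg, 24) || write_faults(cfg) != 1;  /* exit 0: sealed as expected */
}
```

The probe runs in a forked child so the fault does not kill the caller; because the mapping is MAP_PRIVATE, the child's successful pre-seal write lands in its own copy and leaves the parent's data untouched.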
