| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Sep 2008 13:34:19 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: Andi Kleen <andi@...stfloor.org> Cc: Arjan van de Ven <arjan@...radead.org>, linux-kernel@...r.kernel.org, mingo@...e.hu, tglx@...x.de, hpa@...or.org, Benjamin Herrenschmidt <benh@...nel.crashing.org> Subject: Re: [patch] Add basic sanity checks to the syscall execution patch On Thu, 04 Sep 2008 14:01:46 +0200 Andi Kleen <andi@...stfloor.org> wrote: > Arjan van de Ven <arjan@...radead.org> writes: > > > Add basic sanity checks to the syscall execution patch > > This just means that the root kits will switch to patch > the first instruction of the entry points instead. > > So the protection will be zero to minimal, but the overhead will > be there forever. Agreed entirely. This is a waste of time and a game not worth playing. The only place you can expect to make a difference here is in virtualised environments by teaching KVM how to provide 'irrevocably read only' pages to guests where the guest OS isn't permitted to change the rights back or the virtual mapping of that page. Alan -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists