| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Sep 2015 09:16:45 +0200 From: Ingo Molnar <mingo@...nel.org> To: Andy Lutomirski <luto@...capital.net> Cc: Dave Hansen <dave@...1.net>, X86 ML <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Andy Lutomirski <luto@...nel.org>, Borislav Petkov <bp@...en8.de>, Kees Cook <keescook@...gle.com> Subject: Re: [PATCH 26/26] x86, pkeys: Documentation * Andy Lutomirski <luto@...capital.net> wrote: > This may mean that we want to have a way for binaries to indicate that they want > their --x segments to be loaded with a particular protection key. The right way > to do that might be using an ELF note, and I also want to use ELF notes to allow > turning off vsyscalls, so maybe it's time to write an ELF note parser in the > kernel. That would be absolutely lovely for many other reasons as well, and we should also add a tool to tools/ to edit/expand/shrink those ELF notes on existing systems. I.e. make it really easy to augment security policies on an existing distro, using any filesystem (not just ACL capable ones) and using the binary only. Linux binaries could carry capabilities information, etc. etc. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists