| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20151021204522.GB20338@codeblueprint.co.uk> Date: Wed, 21 Oct 2015 21:45:22 +0100 From: Matt Fleming <matt@...eblueprint.co.uk> To: Andy Lutomirski <luto@...capital.net> Cc: Borislav Petkov <bp@...en8.de>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, Ingo Molnar <mingo@...nel.org>, Stephen Smalley <sds@...ho.nsa.gov>, "x86@...nel.org" <x86@...nel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Kees Cook <keescook@...omium.org>, Thomas Gleixner <tglx@...utronix.de>, "H. Peter Anvin" <hpa@...or.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Andy Lutomirski <luto@...nel.org>, Denys Vlasenko <dvlasenk@...hat.com>, Brian Gerst <brgerst@...il.com>, "linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org> Subject: Re: [PATCH v2] x86/mm: warn on W+x mappings On Wed, 21 Oct, at 11:46:53AM, Andy Lutomirski wrote: > > If the UEFI stuff is mapped in its own PGD entry, we could just RO > that entire PGD entry everywhere except the UEFI pgd (and make sure to > clear G so that the TLB entries get zapped). What would be the benefit of making it RO as opposed to not having it mapped at all? The mappings only exist in the trampoline_pgd right now for x86 which minimizes the potentially vulnerable code paths to the EFI runtime calls and the suspend/resume code. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists