| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240723170043.4f17a3d0b6280e57561ba1f5@linux-foundation.org> Date: Tue, 23 Jul 2024 17:00:43 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Matthew Wilcox <willy@...radead.org> Cc: Mary Strodl <mstrodl@...edom.csh.rit.edu>, Christian Gmeiner <christian.gmeiner@...il.com>, Christoph Hellwig <hch@...radead.org>, Mary Strodl <mstrodl@....rit.edu>, linux-kernel@...r.kernel.org, urezki@...il.com, linux-mm@...ck.org, lee@...nel.org, andi.shyti@...nel.org, linux-i2c@...r.kernel.org, s.hauer@...gutronix.de Subject: Re: [PATCH 1/3] mm: vmalloc: export __vmalloc_node_range On Fri, 19 Jul 2024 13:42:40 +0100 Matthew Wilcox <willy@...radead.org> wrote: > On Fri, Jul 19, 2024 at 07:58:40AM -0400, Mary Strodl wrote: > > Maybe some of the stuff the driver does right now could be moved into > > vmalloc? In other words, we could provide a different function that > > allocates an executable page, copies memory into it, then marks it > > read-only. Would that do better to alleviate concerns? > > No. We are not running arbitrary x86 code. That is a security > nightmare. Sure, if such a thing were to be done we'd want it localized within the driver rather than offered globally. But if there was some hack within the driver to do this, what problems might that cause? What are the scenarios?
Powered by blists - more mailing lists