On Thu, Oct 6, 2016 at 2:19 PM, Joe Perches <joe@xxxxxxxxxxx> wrote:
> On Thu, 2016-10-06 at 14:00 -0700, Kees Cook wrote:
>
>> And based on my read of this thread, we all appear to be in violent
>> agreement. :) "always protect %p" is absolutely the goal, and we can
>> figure out the best way to get there.
>
> I proposed emitting pointers from the const and text sections by default
> and using NULL for data pointers.
>
> https://lkml.org/lkml/2016/8/5/380

Leaks of const and text (while not useful for write-attacks) can leak
KASLR offset (though yes, yes, there are many existing leaks -- but we
should avoid adding a new one regardless). I think the logic of "is
this destined for userspace" is likely the cleanest approach. There
still may be many things this breaks, though. (I expect perf.
Everything breaks perf. ;)

-Kees

--
Kees Cook
Nexus Security