On Thursday 18 May 2006 09:08, Gerd Hoffmann wrote:
> Rusty Russell wrote:
> > So, is everyone happy with this smerge of Ingo and Gerd's work?
>
> Yes.
>
> > I'm not against it, but it needs tons of testing in -mm first.
> >
> > Since the vsyscall page has been at a fixed address, there might be
> > real programs that hardcoded it etc.
>
> Exploits *grin*?
The security argument seems quite bogus to me for this because you'll never
find enough bits to be reasonably secure in the limited 32bit space.
The brute force complexity will be always very low.
What worries me more is this:
+ down_write(&mm->mmap_sem);
+ addr = get_unmapped_area(NULL, 0, PAGE_SIZE, 0, 0);
+ if (IS_ERR_VALUE(addr)) {
+ ret = addr;
+ goto up_fail;
+ }
You will have it somewhere early in address space? That might really
break programs.
>
> Well, given that xen kernels currently have the vsyscall page at another
> (fixed) address I don't expect stuff break due to a hardcoded vsyscall
> page address.
x86-64 kernels have the 32bit page also at another address and I haven't
heard of a problem from that yet. Sometimes people do strange things
with ptrace though so better make sure that still works.
-Andi
