On 04/09/2013 11:46 AM, Kees Cook wrote: > > Ah-ha! Yes, I see now when comparing the debug/kernel_page_tables > reports. It's just the High Kernel Mapping that we care about. > Addresses outside that range are less of a leak. Excellent, then GDT > may not be a problem. Whew. > It does beg the question if we need to randomize kmalloc... which could have issues by itself. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. _______________________________________________ Virtualization mailing list Virtualization@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/virtualization