Source-Changes-D archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: CVS commit: src/sys/arch
Le 03/08/2017 à 22:38, Joerg Sonnenberger a écrit :
On Thu, Aug 03, 2017 at 04:20:45PM +0200, Maxime Villard wrote:
I was more thinking in terms of a single page in kernel VA, not in user
VA. That would side step most of the issues with dynamic LDT or having
to patch up the default LDT on context switches. That said, the latter
wouldn't be that difficult either, given that we already do that for the
GDT.
Mmh, not sure what you mean. If you mean a page that is a kernel page (in the
sense of not having PG_u), then it's a privileged call gate, and we're back
on the first issue (being in kernel mode, with user segment registers, and
interrupts enabled). If you mean a page this a userland page (with PG_u), but
located in the kernel VA range, that's not a good idea: it all of a sudden
makes the map less consistent, and it is more complicated since the upper
levels of the page tree need to have PG_u too.
I was thinking of a page in the kernel VA range that is accessible for
userland. I thought we had some of those already for the comm page, but
I might be misremember.
Ok, so it was my second guess. As I said, I don't think it's a good idea if
we start mixing userland-kernel VAs. As far as I can tell, it is not already
the case - if it were, I would have probably tried to fix it, because it is
error-prone.
We can also put it at the top of the user VA
range of course, i.e. where the stack used to originate.
We can; but this would be an executable page at a fixed location, and by
definition it violates ASLR. Even more so if the page happens to contain
instruction patterns suitable for all kinds of exploits...
Maxime
Home |
Main Index |
Thread Index |
Old Index