tech-kern archive


Re: Restricting rdtsc [was: kernel aslr]

On Tue, Mar 28, 2017 at 10:36:52PM +0200, Maxime Villard wrote:
> I already thought about this a few months ago, and my conclusion back then
> was that it is very difficult to achieve if we want both good performance
> and good security. This is a little off-topic, but the idea would consist in
> having two identical kernel text segments mapped at different addresses. Only
> one kernel is active at a time. Every once in a while we randomize the other
> kernel, wait for interrupts to happen in the currently running lwps, and
> migrate these lwps to the new kernel, dropping refcounts along the way. When
> it reaches zero, everybody uses the new kernel, and we unmap the previous
> one. And we keep jumping between kernels this way regularly. I also had other
> magic tricks for .data and .rodata, but that's another debate.

This would be a step in the direction of allowing updating running
kernels, wouldn't it?
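A user-space model of the hand-off described in the quoted message, added here as an illustration (it is not NetBSD code and none of its names exist in the kernel): two text copies at different addresses, one active at a time; the inactive slot is re-randomized, the active pointer flips, and each LWP migrates when it next takes an interrupt, dropping its reference on the old copy and taking one on the new. The old copy is unmapped only when its refcount reaches zero, so an LWP that never takes an interrupt keeps the old copy alive, and a third copy cannot be prepared until that happens. The "interrupt" is just a function call here, the "random" base comes from a fixed Weyl sequence, and the model says nothing about kernel stack frames, .data or .rodata.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NLWP 4

struct kimage {
    uint64_t base;    /* pretend (randomized) load address of this text copy */
    int      refcnt;  /* LWPs currently executing in this copy */
    bool     mapped;
};

struct lwp {
    struct kimage *cur;   /* copy this LWP is executing in */
};

static struct kimage image[2];
static struct kimage *active;   /* copy that the next interrupt migrates an LWP into */
static struct lwp lwps[NLWP];
static uint32_t rng_state;      /* invented stand-in for the kernel entropy source */

/* Deterministic stand-in for the randomness source: page-aligned address
 * inside a 2 GiB kernel-looking window. Not a real RNG. */
static uint64_t fake_random_base(void)
{
    rng_state += 0x9e3779b9u;
    return 0xffffffff80000000ull + ((uint64_t)(rng_state & 0x7ffffu) << 12);
}

static struct kimage *other_of(const struct kimage *k)
{
    return k == &image[0] ? &image[1] : &image[0];
}

/* Boot: one copy mapped, every LWP executing in it. */
void kimage_boot(void)
{
    rng_state = 0;
    image[0].base = fake_random_base();
    image[0].refcnt = NLWP;
    image[0].mapped = true;
    image[1].base = 0;
    image[1].refcnt = 0;
    image[1].mapped = false;
    active = &image[0];
    for (int i = 0; i < NLWP; i++)
        lwps[i].cur = &image[0];
}

/* Unmap a copy only when no LWP can still be executing in it. */
static bool kimage_try_unmap(struct kimage *k)
{
    if (k == active || k->refcnt != 0 || !k->mapped)
        return false;
    k->mapped = false;
    k->base = 0;
    return true;
}

/* Build the next randomized copy in the inactive slot. Refuses while that
 * slot is still mapped, i.e. while some LWP still references it. */
bool kimage_prepare_next(void)
{
    struct kimage *next = other_of(active);
    if (next->mapped || next->refcnt != 0)
        return false;
    next->base = fake_random_base();
    next->refcnt = 0;
    next->mapped = true;
    return true;
}

/* Flip the active pointer; LWPs migrate lazily at their next interrupt. */
bool kimage_switch(void)
{
    struct kimage *next = other_of(active);
    if (!next->mapped)
        return false;
    active = next;
    return true;
}

/* An interrupt on LWP i is the model's migration point. Returns true when
 * this migration dropped the last reference and the old copy was unmapped. */
bool lwp_interrupt(int i)
{
    struct lwp *l = &lwps[i];
    if (l->cur == active)
        return false;
    struct kimage *old = l->cur;
    old->refcnt--;
    active->refcnt++;
    l->cur = active;
    return kimage_try_unmap(old);
}

/* One rotation with interrupts delivered in the given order. Returns how
 * many interrupts it took to unmap the old copy, or -1 if it is still
 * referenced afterwards (some LWP never took an interrupt). */
int rotate(const int *order, int n)
{
    if (!kimage_prepare_next() || !kimage_switch())
        return -1;
    for (int k = 0; k < n; k++)
        if (lwp_interrupt(order[k]))
            return k + 1;
    return -1;
}

int kimage_refcnt(int slot) { return image[slot].refcnt; }
bool kimage_is_mapped(int slot) { return image[slot].mapped; }
uint64_t kimage_base(int slot) { return image[slot].base; }
int lwp_slot(int i) { return lwps[i].cur == &image[0] ? 0 : 1; }
int active_slot(void) { return active == &image[0] ? 0 : 1; }

int main(void)
{
    const int all[NLWP] = {0, 1, 2, 3};
    const int some[4] = {3, 1, 1, 0};   /* LWP 2 never takes an interrupt */

    kimage_boot();
    printf("boot: active slot %d, base %#llx\n", active_slot(),
           (unsigned long long)kimage_base(0));
    int n = rotate(all, NLWP);
    printf("rotation 1: old copy unmapped after %d interrupts\n", n);
    n = rotate(some, 4);
    printf("rotation 2: %s, old slot refcnt %d\n",
           n < 0 ? "old copy still referenced" : "unmapped",
           kimage_refcnt(1 - active_slot()));
    lwp_interrupt(2);
    printf("after LWP 2's interrupt: old slot mapped=%d\n",
           kimage_is_mapped(1 - active_slot()));
    return 0;
}
```

The refcount is what makes the scheme safe against the obvious failure mode: if the old copy were unmapped on a timer instead of on the count reaching zero, a long-running LWP that had not yet returned through an interrupt would still be executing in unmapped text.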
