tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]



As I understand it, on intel cpus and possibly more, we'll need to unmap
the kernel on userret, or else userland can read arbitrary kernel

People seem to be mentioning a 50% performance penalty and we might do
worse (we don't have vDSOs...)

Also, I understand that to exploit this, one has to attempt to access
kernel memory a lot, and SEGV at least once per bit.

I wonder if we can count the number of SEGVs and if we get a few, turn
on the workaround? that would at least spare us the performance penalty
for normal code.

Home | Main Index | Thread Index | Old Index