Source-Changes-D archive


Re: CVS commit: src/sys/kern



In article <20181203191043.Zou-_%steffen%sdaoden.eu@localhost>,
Steffen Nurpmeso  <steffen%sdaoden.eu@localhost> wrote:
>Manuel Bouyer wrote in <20181203183537.GA1562%antioche.eu.org@localhost>:
> |On Mon, Dec 03, 2018 at 12:54:26PM +0100, Maxime Villard wrote:
> |> In other words, 80% of KASLR is enabled by default, regardless of #ifdef
> |> KASLR. Therefore, it is wrong to add an ifdef, because in either case we
> |
> |So there's no way to completely disable KASLR now ?
> |Although I admit it's useful to have it on by default, there should
> |be a way to turn it off for low-level debugging
>
>As an idiot from user space only: why is layout randomization
>still something desirable now that kernel and user address space
>is totally, cleanly and completely separated, and caches etc. are
>flushed upon context-switches and system calls?  It is like that,
>right?

Because KVM reading or sysctl sometimes expose kernel addresses to
userland (some utilities still depend on that to function properly),
and that defeats KASLR (there is a way to find where the kernel was
loaded from userland -- to put it simplistically).

christos


