tech-kern archive
Re: jit code and securelevel
Christos Zoulas wrote:
> In article <20150101153259.GA2442@neva>,
> Alexander Nasonov <alnsn%yandex.ru@localhost> wrote:
> >I don't remember seeing a policy on disabling jit code at securelevel
> >1 or higher. Is it something we should add?
>
> I am not sure that we should add it because the code it generates is tightly
> controlled by the kernel.
On a (misconfigured) system with enhanced permissions for tcpdump or
for some other pcap program, one can craft a special JIT code to help them
exploit a bug in the kernel:
http://mainisusuallyafunction.blogspot.com/2012/11/attacking-hardened-linux-systems-with.html
Function pointer of jit code is readable via kmem.
Alex