tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: UVM and the NULL page

To: tech-kern%netbsd.org@localhost
Subject: Re: UVM and the NULL page
From: Joerg Sonnenberger <joerg%bec.de@localhost>
Date: Thu, 28 Jul 2016 22:13:59 +0200

On Thu, Jul 28, 2016 at 08:43:54PM +0200, Wolfgang Solfrank wrote:
> Hi,
> 
> > Currently, there is no real way to make sure a userland process won't be
> > able to allocate the NULL page.
> 
> Why should this be restricted?

It matters on architectures with shared user/kernel VA. If you can map
something to (void *)0, you can turn many dereferences of such address
into exploits.

Joerg

References:
- UVM and the NULL page
  - From: Maxime Villard
- Re: UVM and the NULL page
  - From: Wolfgang Solfrank

Prev by Date: Re: UVM and the NULL page
Next by Date: Re: UVM and the NULL page
Previous by Thread: Re: UVM and the NULL page
Next by Thread: Re: UVM and the NULL page
Indexes:

Home | Main Index | Thread Index | Old Index