Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-18 Thread PaX Team
On 17 Feb 2016 at 15:48, Kees Cook wrote:
> On Wed, Feb 17, 2016 at 3:43 PM, David Brown wrote:
> > Is there a possible future consideration to perhaps make .rodata read
> > only much earlier?
>
> Yeah, this will likely be a future improvement. Some architectures
> already mark .rodata before t

Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-17 Thread Kees Cook
On Wed, Feb 17, 2016 at 3:43 PM, David Brown wrote:
> On Wed, Feb 17, 2016 at 03:00:52PM -0800, Kees Cook wrote:
>>
>> On Tue, Feb 16, 2016 at 9:20 PM, David Brown
>> wrote:
>>>
>>> On Tue, Feb 16, 2016 at 01:52:33PM -0800, Kees Cook wrote: On Tue, Feb 16, 2016 at 1:36 PM, David Br

Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-17 Thread David Brown
On Wed, Feb 17, 2016 at 03:00:52PM -0800, Kees Cook wrote: On Tue, Feb 16, 2016 at 9:20 PM, David Brown wrote: On Tue, Feb 16, 2016 at 01:52:33PM -0800, Kees Cook wrote: On Tue, Feb 16, 2016 at 1:36 PM, David Brown wrote: Although the arm vDSO is cleanly separated by code/data with the cod

Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-17 Thread Kees Cook
On Tue, Feb 16, 2016 at 9:20 PM, David Brown wrote:
> On Tue, Feb 16, 2016 at 01:52:33PM -0800, Kees Cook wrote:
>>
>> On Tue, Feb 16, 2016 at 1:36 PM, David Brown
>> wrote:
>>>
>>> Although the arm vDSO is cleanly separated by code/data with the code
>>> being read-only in userspace mappings, th

Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-16 Thread David Brown
On Tue, Feb 16, 2016 at 01:52:33PM -0800, Kees Cook wrote: On Tue, Feb 16, 2016 at 1:36 PM, David Brown wrote: Although the arm vDSO is cleanly separated by code/data with the code being read-only in userspace mappings, the code page is still writable from the kernel. There have been exploits

Re: [PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-16 Thread Kees Cook
On Tue, Feb 16, 2016 at 1:36 PM, David Brown wrote:
> Although the arm vDSO is cleanly separated by code/data with the code
> being read-only in userspace mappings, the code page is still writable
> from the kernel. There have been exploits (such as
> http://itszn.com/blog/?p=21) that take advant

[PATCH] ARM: vdso: Mark vDSO code as read-only

2016-02-16 Thread David Brown
Although the arm vDSO is cleanly separated by code/data with the code being read-only in userspace mappings, the code page is still writable from the kernel. There have been exploits (such as http://itszn.com/blog/?p=21) that take advantage of this on x86 to go from a bad kernel write to full roo