On Fri, Dec 21, 2012 at 2:28 PM, H. Peter Anvin wrote:
> On 12/21/2012 02:26 PM, Yinghai Lu wrote:
>> On Fri, Dec 21, 2012 at 2:23 PM, H. Peter Anvin wrote:
>>> On 12/21/2012 02:22 PM, Yinghai Lu wrote:
please check attached patch that set NX for data/bss/brk with 64bit.
>>>
>>> T
On 12/21/2012 02:26 PM, Yinghai Lu wrote:
> On Fri, Dec 21, 2012 at 2:23 PM, H. Peter Anvin wrote:
>> On 12/21/2012 02:22 PM, Yinghai Lu wrote:
>>>
>>> please check attached patch that set NX for data/bss/brk with 64bit.
>>>
>>
>> This is on top of for-x86-boot I presume?
>
> yes, but should work
On Fri, Dec 21, 2012 at 2:23 PM, H. Peter Anvin wrote:
> On 12/21/2012 02:22 PM, Yinghai Lu wrote:
>>
>> please check attached patch that set NX for data/bss/brk with 64bit.
>>
>
> This is on top of for-x86-boot I presume?
yes, but should work on current linus tree.
Do we want one that handle lo
On 12/21/2012 02:22 PM, Yinghai Lu wrote:
>
> please check attached patch that set NX for data/bss/brk with 64bit.
>
This is on top of for-x86-boot I presume?
-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.ker
On Fri, Dec 21, 2012 at 1:26 PM, Yinghai Lu wrote:
> On Fri, Dec 21, 2012 at 9:36 AM, H. Peter Anvin wrote:
>> We should NEVER have RW + x at the same time (at least when the kernel
>> is compiled properly.) Looks like your patch does get rid of a bunch of
>> stuff in the low mapping -- although
On Fri, Dec 21, 2012 at 9:36 AM, H. Peter Anvin wrote:
> We should NEVER have RW + x at the same time (at least when the kernel
> is compiled properly.) Looks like your patch does get rid of a bunch of
> stuff in the low mapping -- although the low mapping really should never
> be +x at all -- bu
On 12/21/2012 09:28 AM, Yinghai Lu wrote:
>
> which line?
>
> 0x8300-0x83c0 12M RW PSE
> GLB x pmd
>
> my kernel INIT_SIZE is 27M, and it includes everything that i needed
> in the kernel.
>
We should NEVER have RW + x at the same time (at least
On Fri, Dec 21, 2012 at 9:01 AM, H. Peter Anvin wrote:
> On 12/20/2012 10:27 PM, Yinghai Lu wrote:
>>
>>
>> after for-x86-boot we will have
>> ---[ Low Kernel Mapping ]---
>> 0x8800-0x88099000 612K RW GLB
>> NX pte
>> 0x88099000-0x8809a00
On 12/20/2012 10:27 PM, Yinghai Lu wrote:
after for-x86-boot we will have
---[ Low Kernel Mapping ]---
0x8800-0x88099000 612K RW GLB NX pte
0x88099000-0x8809a000 4K ro GLB NX pte
0x8809a000-0x88
On Thu, Dec 20, 2012 at 8:44 PM, H. Peter Anvin wrote:
> I just looked at a /sys/kernel/debug/kernel_page_tables dump and there
> are a bunch of pages which are RWX:
>
> 0x8800-0x88097000 604K RW GLB x pte
> 0x8809d000-0x8820 1420K RW
On 12/20/2012 07:00 PM, Kees Cook wrote:
This change for pre-v3.5 creates a new exception table instead of
trying to rewrite the old one. Since the tables are now relative,
we can't actually set up an exception for things in stack and heap on
x86_64 since the distance between the address and the
Wtf...
Kees Cook wrote:
>On Thu, Dec 20, 2012 at 7:00 PM, Kees Cook
>wrote:
>> While trying to fix test_nx, I discovered that it looks like stack
>and
>> heap are executable again (at least on x86_64). :( I tried to bisect
>
>Btw, this ends up looking like this on v3.4:
>
>[2.486223] test_n
On Thu, Dec 20, 2012 at 7:00 PM, Kees Cook wrote:
> While trying to fix test_nx, I discovered that it looks like stack and
> heap are executable again (at least on x86_64). :( I tried to bisect
Btw, this ends up looking like this on v3.4:
[2.486223] test_nx: Testing NX protection ...
[2.
This patch only works up until 706276543b699d80f546e45f8b12574e7b18d952
(v3.5), where the exception tables are made relative. Prior to that,
stock test_nx didn't work because of 84e1c6bb38eb318e456558b610396d9f1afaabf0
(v2.6.38) makes the table read-only.
While trying to fix test_nx, I discovered
14 matches
Mail list logo
