On Tue, Jul 21, 2015 at 11:27 PM, Ingo Molnar wrote:
>
> * Andy Lutomirski wrote:
>
>> On Tue, Jul 21, 2015 at 11:06 PM, Ingo Molnar wrote:
>> >
>> > * Andy Lutomirski wrote:
>> >
>> >> On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
>> >> > On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski
On Tue, Jul 21, 2015 at 11:23:02PM -0700, Andy Lutomirski wrote:
> >> >> +config MODIFY_LDT_SYSCALL
> >> >> + bool "Enable the LDT (local descriptor table)" if EXPERT
> >> >> + default y
> >> >> + ---help---
> >> >> + Linux can allow user programs to install a per-process
* Andy Lutomirski wrote:
> On Tue, Jul 21, 2015 at 11:06 PM, Ingo Molnar wrote:
> >
> > * Andy Lutomirski wrote:
> >
> >> On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
> >> > On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
> >> >>
> >> >> The modify_ldt syscall exposes a large
On Tue, Jul 21, 2015 at 11:06 PM, Ingo Molnar wrote:
>
> * Andy Lutomirski wrote:
>
>> On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
>> > On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
>> >>
>> >> The modify_ldt syscall exposes a large attack surface and is unnecessary
>> >> for
* Andy Lutomirski wrote:
> On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
> > On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
> >>
> >> The modify_ldt syscall exposes a large attack surface and is unnecessary
> >> for
> >> modern userspace. Make it optional.
> >>
> >> Signed-of
On Tue, Jul 21, 2015 at 4:34 PM, Andy Lutomirski wrote:
> On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
>> On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
>>> The modify_ldt syscall exposes a large attack surface and is
>>> unnecessary for modern userspace. Make it optional.
>>>
>
On Tue, Jul 21, 2015 at 1:28 PM, Brian Gerst wrote:
> On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
>> The modify_ldt syscall exposes a large attack surface and is
>> unnecessary for modern userspace. Make it optional.
>>
>> Signed-off-by: Andy Lutomirski
>> ---
>> arch/x86/Kconfig
On Tue, Jul 21, 2015 at 3:59 PM, Andy Lutomirski wrote:
> The modify_ldt syscall exposes a large attack surface and is
> unnecessary for modern userspace. Make it optional.
>
> Signed-off-by: Andy Lutomirski
> ---
> arch/x86/Kconfig | 17 +
> arch/x86/include/a
On Tue, Jul 21, 2015 at 1:20 PM, Sasha Levin wrote:
> On 07/21/2015 03:59 PM, Andy Lutomirski wrote:
>> The modify_ldt syscall exposes a large attack surface and is
>> unnecessary for modern userspace. Make it optional.
>
> Since this a "default y" option I think we need to make the
> implication
On 07/21/2015 03:59 PM, Andy Lutomirski wrote:
> The modify_ldt syscall exposes a large attack surface and is
> unnecessary for modern userspace. Make it optional.
Since this a "default y" option I think we need to make the
implications of this a bit clearer.
Do we know what userspace would brea
10 matches
Mail list logo
