Re: [PATCH 7/9] Pmalloc Rare Write: modify selected pools

2018-04-24 Thread lazytyped
On 4/24/18 1:50 PM, Matthew Wilcox wrote: > struct modifiable_data { > struct immutable_data *d; > ... > }; > > Then allocate a new pool, change d and destroy the old pool. With the above, you have just shifted the target of the arbitrary write from the immutable data itself to the p

Re: [PATCH 7/9] Pmalloc Rare Write: modify selected pools

2018-04-24 Thread lazytyped
On 4/24/18 4:44 PM, Matthew Wilcox wrote: > On Tue, Apr 24, 2018 at 02:32:36PM +0200, lazytyped wrote: >> On 4/24/18 1:50 PM, Matthew Wilcox wrote: >>> struct modifiable_data { >>> struct immutable_data *d; >>> ... >>> }; >>> >

Re: [RFC PATCH] Randomization of address chosen by mmap.

2018-02-27 Thread lazytyped
On 2/27/18 9:52 PM, Kees Cook wrote: > I'd like more details on the threat model here; if it's just a matter > of .so loading order, I wonder if load order randomization would get a > comparable level of uncertainty without the memory fragmentation, This also seems to assume that leaking the add