On 03/08/2017 07:40 PM, Kees Cook wrote:
On Mon, Mar 6, 2017 at 10:11 AM, Kees Cook wrote:
On Fri, Mar 3, 2017 at 7:23 PM, Daniel Borkmann wrote:
Latter shows that memory protecting the kernel seems not working either
on i386 (!). Test suite output:
[...]
[ 12.692836] Write protectin
On Mon, Mar 6, 2017 at 10:11 AM, Kees Cook wrote:
> On Fri, Mar 3, 2017 at 7:23 PM, Daniel Borkmann wrote:
>> Latter shows that memory protecting the kernel seems not working either
>> on i386 (!). Test suite output:
>>
>> [...]
>> [ 12.692836] Write protecting the kernel text: 13416k
>>
On 03/06/2017 07:52 PM, David Miller wrote:
From: Daniel Borkmann
Date: Mon, 06 Mar 2017 19:35:47 +0100
I can do a few more tests with the kernel I have. I'm also totally
fine if we drop this patch; it's just rc1, so there's plenty of time
till a final release.
I would really prefer we get t
From: Daniel Borkmann
Date: Mon, 06 Mar 2017 19:35:47 +0100
> I can do a few more tests with the kernel I have. I'm also totally
> fine if we drop this patch; it's just rc1, so there's plenty of time
> till a final release.
I would really prefer we get to the bottom of this rather than apply
the
On Fri, Mar 3, 2017 at 7:23 PM, Daniel Borkmann wrote:
> Since d2852a224050 ("arch: add ARCH_HAS_SET_MEMORY config") and
> 9d876e79df6a ("bpf: fix unlocking of jited image when module ronx
> not set") that uses the former, Fengguang reported random corruptions
> on his i386 test machine [1]. On i3
On 03/06/2017 07:11 PM, Kees Cook wrote:
On Fri, Mar 3, 2017 at 7:23 PM, Daniel Borkmann wrote:
Since d2852a224050 ("arch: add ARCH_HAS_SET_MEMORY config") and
9d876e79df6a ("bpf: fix unlocking of jited image when module ronx
not set") that uses the former, Fengguang reported random corruptions
Since d2852a224050 ("arch: add ARCH_HAS_SET_MEMORY config") and
9d876e79df6a ("bpf: fix unlocking of jited image when module ronx
not set") that uses the former, Fengguang reported random corruptions
on his i386 test machine [1]. On i386 there is no JIT available,
and since his kernel config doesn'
