Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752389AbeAESYB (ORCPT + 1 other); Fri, 5 Jan 2018 13:24:01 -0500 Received: from mail.skyhub.de ([5.9.137.197]:41706 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750739AbeAESYA (ORCPT ); Fri, 5 Jan 2018 13:24:00 -0500 Date: Fri, 5 Jan 2018 19:23:54 +0100 From: Borislav Petkov To: Andy Lutomirski Cc: X86 ML , LKML , Kees Cook , Peter Zijlstra , Greg Kroah-Hartman Subject: Re: [RFC] selftests/x86: Add test_vsyscall Message-ID: <20180105182354.ishv3rkdsi2fsujs@pd.tnic> References: <17c5ebeb2e00879b0af1a9c32bf37ecdd9b9b31b.1515130397.git.luto@kernel.org> <20180105123329.vnh7hbvigbfv6icd@pd.tnic> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Fri, Jan 05, 2018 at 09:53:16AM -0800, Andy Lutomirski wrote: > emulate_noread would avoid one exploit technique that Kees saw > somewhere. And per-process disablement would let a system remain > compatible with old binaries without reducing security for newer > binaries. Or we can simply say new binaries can switch to the vdso. Because this way, vsyscall will never really be phased out - new shit will simply keep using it. -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.