Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752718AbeAETFj (ORCPT + 1 other); Fri, 5 Jan 2018 14:05:39 -0500 Received: from mail.skyhub.de ([5.9.137.197]:43446 "EHLO mail.skyhub.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752232AbeAETFi (ORCPT ); Fri, 5 Jan 2018 14:05:38 -0500 Date: Fri, 5 Jan 2018 20:05:32 +0100 From: Borislav Petkov To: Andy Lutomirski Cc: X86 ML , LKML , Kees Cook , Peter Zijlstra , Greg Kroah-Hartman Subject: Re: [RFC] selftests/x86: Add test_vsyscall Message-ID: <20180105190532.anqa2psj65dmlc4u@pd.tnic> References: <17c5ebeb2e00879b0af1a9c32bf37ecdd9b9b31b.1515130397.git.luto@kernel.org> <20180105123329.vnh7hbvigbfv6icd@pd.tnic> <20180105182354.ishv3rkdsi2fsujs@pd.tnic> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Fri, Jan 05, 2018 at 10:47:15AM -0800, Andy Lutomirski wrote: > The remaining problem is that, for certain classes of userspace bugs, > an attacker can take advantage of the vsyscall page's existence at a > fixed address to cause mischief. So opting out of having it be there > could be helpful to mitigate attacks. I understand that but how do you shoo people off the vsyscall page? You need to tell old binaries about the per-process disablement and new binaries to move to vdso. Hmmm, add big fat warnings to vsyscall_64.c? -- Regards/Gruss, Boris. Good mailing practices for 400: avoid top-posting and trim the reply.