Re: [Announcement] "Exec Shield", new Linux security feature

From: Carl-Daniel Hailfinger (c-d.hailfinger.kernel.2003@gmx.net)
Date: Fri May 02 2003 - 16:48:33 EST

Next message: Andy Pfiffer: "Re: 2.5.68-mm4"
Previous message: Arnd Bergmann: "Re: [PATCH] alternative compat_ioctl table implementation"
In reply to: Ingo Molnar: "[Announcement] "Exec Shield", new Linux security feature"
Next in thread: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Reply: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ingo Molnar wrote:
>
> Furthermore, the kernel also remaps all PROT_EXEC mappings to the
> so-called ASCII-armor area, which on x86 is the addresses 0-16MB. These
[snipped]
> In the above layout, the highest executable address is 0x01003fff, ie.
> every executable address is in the ASCII-armor.

If my math is correct,
0x01000000 is 16 MB boundary
0x01003fff is outside the ASCII-armor.

Another question:
Last time I checked, there were some problems with binary only drivers
(to name one, NVidia graphics) and a non-executable stack. Has this been
resolved?

Regards,
Carl-Daniel

-- http://www.hailfinger.org/

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Andy Pfiffer: "Re: 2.5.68-mm4"
Previous message: Arnd Bergmann: "Re: [PATCH] alternative compat_ioctl table implementation"
In reply to: Ingo Molnar: "[Announcement] "Exec Shield", new Linux security feature"
Next in thread: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Reply: Ingo Molnar: "Re: [Announcement] "Exec Shield", new Linux security feature"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Wed May 07 2003 - 22:00:17 EST