Re: [RFC][PATCH] linux-2.6.2-rc2_vsyscall-gtod_B1.patch

[Ulrich Drepper]

Andrea Arcangeli wrote:

> by the same argument the 2.6 i386 vsyscall is not acceptable too since
> it has an hardcoded address too that is the same for all binary kernels
> that you ship, and furthmore it has the sysenter or int 0x80 hardcoded
> at a fixed address to jump into.

You don't read what I write.

The official kernel might have the vdso at a fixed address part no part
of the ABI requires this address and so anybody with some security
conscience can change the kernel to randomize the vdso address.  It's
not my or Ingo's fault that Linus doesn't like the exec-shield code
which would introduce the randomization.  The important aspect is that
we can add vdso randomization and nothing else needs changing.  The same
libc will run6 on a stock kernel and the one with the randomized vdso.
This is not the case on x86-64 where the absolute address for the
gettimeofday is used.

-- 
â Ulrich Drepper â Red Hat, Inc. â 444 Castro St â Mountain View, CA â
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/