Re: [patch] Add basic sanity checks to the syscall execution patch

From: Benjamin Herrenschmidt
Date: Fri Sep 05 2008 - 06:57:57 EST

Next message: Ingo Molnar: "Re: [PATH] Fix compilation when CONFIG_TRACE_IRQFLAGS_SUPPORT isnot set"
Previous message: Rafael J. Wysocki: "Re: linux-next: Tree for September 4"
In reply to: pageexec: "Re: [patch] Add basic sanity checks to the syscall execution patch"
Next in thread: Ingo Molnar: "Re: [patch] Add basic sanity checks to the syscall execution patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> and that'd be because at the same time they patch the syscall table (remember,
> they already have to go to length to get around the read-only pages), they
> can't also patch this 'protection'? sounds really plausible, right :).
>
> [fixed hpa's address, .org bounces.]

Sure, they can :-)

It's just an idea I had on irc but I tend to agree that it wouldn't have
much effect in practice... regarding security, it will break some
existing rootkits ... until updated ones show up.

Cheers,
Ben.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [PATH] Fix compilation when CONFIG_TRACE_IRQFLAGS_SUPPORT isnot set"
Previous message: Rafael J. Wysocki: "Re: linux-next: Tree for September 4"
In reply to: pageexec: "Re: [patch] Add basic sanity checks to the syscall execution patch"
Next in thread: Ingo Molnar: "Re: [patch] Add basic sanity checks to the syscall execution patch"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]