Re: [kernel-hardening] Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)

From: Rik van Riel
Date: Tue Jun 21 2016 - 14:20:35 EST

Next message: Dmitry Vyukov: "Re: kvm: GPF in kvm_irq_map_gsi"
Previous message: Johannes Weiner: "Re: [PATCH cgroup/for-4.8] cgroup: allow NULL return from ss->css_alloc()"
In reply to: Kees Cook: "Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)"
Next in thread: Andy Lutomirski: "Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2016-06-21 at 11:12 -0700, Kees Cook wrote:
> On Tue, Jun 21, 2016 at 10:27 AM, Andy Lutomirski
> <luto@xxxxxxxxxxxxxx> wrote:
> > FWIW, it may be a while before this can be enabled in distro
> > kernels.
> > There are some code paths (*cough* crypto users *cough*) that think
> > that calling sg_init_one with a stack address is a reasonable thing
> > to
> > do, and it doesn't work with a vmalloced stack.ÂÂgrsecurity works
> ... O_o ...
>
> Why does it not work on a vmalloced stack??

Because virt_to_page() does not work on vmalloced
memory.

--
All Rights Reversed.

Attachment: signature.asc
Description: This is a digitally signed message part

Next message: Dmitry Vyukov: "Re: kvm: GPF in kvm_irq_map_gsi"
Previous message: Johannes Weiner: "Re: [PATCH cgroup/for-4.8] cgroup: allow NULL return from ss->css_alloc()"
In reply to: Kees Cook: "Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)"
Next in thread: Andy Lutomirski: "Re: [PATCH v3 00/13] Virtually mapped stacks with guard pages (x86, core)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]