Re: [RFC][PATCH] linux-2.6.2-rc2_vsyscall-gtod_B1.patch

From: Andrea Arcangeli
Date: Thu Feb 05 2004 - 16:48:36 EST


On Wed, Feb 04, 2004 at 04:21:34AM +0000, Jamie Lokier wrote:
> Andi Kleen wrote:
> > Executables are at fixed addresses.
>
> No, they are not.

this won't happen without some cost, the vsyscalls relocation syscall
(the current API extension) as well won't happen without some cost. And
the idea of having the vsyscall fixed per-system makes little sense
since it doesn't protect against the local exploits, so if we add it, it
has to be relocated per-task, so it will have some real cost (doing it
fixed per-system would have zerocost instead).

However I'm unsure if you want all applications to be relocated
ranodmly, and in turn if you want the vsyscalls relocated for all apps,
exactly because this carry a cost. I think it should be optional. I
don't think I want to slowdown to have all my applications relocated.

And really before you can ever care about the relocation, for the
security-critical-apps you should recompile the app with stackguard
immediatly so that you will trap when functions returns and pop an
address, rendering the vsyscall relocation useless too since it'll never
jump there. So before I can ever care about the vsyscalls relocation I
want all security related apps compiled with stackguard, and secondly I
want the ELF executable binary image relocated as well at runtime
randomly. Only then I will bother to add the vsyscall relocation syscall
that will simply allow userspace to define the address where to move the
vsyscall and it'll flush the tlb and allocate a new pte to map the
vsyscall page in there and it'll do the tlb flush and pte update during
context switch. So in short there are a lot higher prio things to take
care of IMHO, before going down to the vsyscall address level.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/