Re: [PATCHv2 2/2] x86: SROP mitigation: implement signal cookies

From: Andi Kleen
Date: Tue Feb 09 2016 - 15:45:58 EST


> Is this compatible with existing userspace? CRIU and DOSEMU seem like
> things that are likely to blow up to me.

It should at least make it a sysctl.

>
> We may need to make this type of mitigation be opt-in. I'm already
> vaguely planning an opt-in mitigation framework for vsyscall runtime
> disablement, and this could use the same opt-in mechanism.

Generally asking people to rely on frame works that don't exist
is not good review feedback.

-Andi
--
ak@xxxxxxxxxxxxxxx -- Speaking for myself only