Re: [kernel-hardening] [RFC, PATCH] x86_64: KAISER - do not map kernel in user mode

From: Daniel Gruss
Date: Sat May 06 2017 - 04:29:07 EST

On 2017-05-05 17:53, Jann Horn wrote:
> Ah, I think I understand. The kernel stacks are mapped, but
> cpu_current_top_of_stack isn't, so you can't find the stack until after the CR3
> switch in the syscall handler?

That's the idea. Only the absolute minimum that is required for a context switch remains mapped (+ it is mapped at an offset which does not depend on KASLR -> we do not leak the KASLR offsets).
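A small model of the two-page-table arrangement the reply above describes, added here as an illustration; it is not code from the KAISER patch or from either poster. The "user" table maps only a syscall entry trampoline at a fixed address that does not move with the KASLR slide, while the "kernel" table additionally maps the slid kernel, including the per-CPU cpu_current_top_of_stack variable that the entry code reads. All addresses, sizes, the identity "physical" mapping and the flat page-table structure are hypothetical constants chosen for the model, not real x86_64 layout.

```c
/* Added model (not the KAISER patch's code) of the two page tables discussed
 * above. Addresses, sizes and the flat one-level table are hypothetical. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE          0x1000ull
#define MAX_ENTRIES        16

/* Hypothetical fixed trampoline address: independent of the KASLR slide. */
#define TRAMPOLINE_VA      0xFFFFFFFFFF600000ull
/* Hypothetical unslid kernel base; KASLR adds a page-aligned slide to it. */
#define KERNEL_BASE_VA     0xFFFFFFFF81000000ull
#define KERNEL_PAGES       4
/* Hypothetical offset of cpu_current_top_of_stack inside the slid kernel. */
#define STACK_TOP_VAR_OFF  0x3000ull

typedef struct { uint64_t va, pa; } pte_t;
typedef struct { pte_t e[MAX_ENTRIES]; size_t n; } pgtable_t;

static bool map_page(pgtable_t *t, uint64_t va, uint64_t pa)
{
    if (t->n >= MAX_ENTRIES || (va & (PAGE_SIZE - 1)))
        return false;
    t->e[t->n].va = va;
    t->e[t->n].pa = pa;
    t->n++;
    return true;
}

/* Translate va; false means "not present", i.e. the access would fault. */
static bool lookup(const pgtable_t *t, uint64_t va, uint64_t *pa)
{
    uint64_t page = va & ~(PAGE_SIZE - 1);
    for (size_t i = 0; i < t->n; i++) {
        if (t->e[i].va == page) {
            *pa = t->e[i].pa + (va & (PAGE_SIZE - 1));
            return true;
        }
    }
    return false;
}

/* Build both tables for one KASLR slide. Returns the virtual address of
 * cpu_current_top_of_stack, which is mapped only in the kernel table. */
static uint64_t build_tables(uint64_t slide, pgtable_t *kernel, pgtable_t *user)
{
    memset(kernel, 0, sizeof *kernel);
    memset(user, 0, sizeof *user);

    /* The trampoline is the only thing the user table maps, and its
     * address does not depend on the slide (identity "physical" address). */
    map_page(user, TRAMPOLINE_VA, TRAMPOLINE_VA);
    map_page(kernel, TRAMPOLINE_VA, TRAMPOLINE_VA);

    uint64_t base = KERNEL_BASE_VA + slide;
    for (uint64_t i = 0; i < KERNEL_PAGES; i++)
        map_page(kernel, base + i * PAGE_SIZE, base + i * PAGE_SIZE);
    return base + STACK_TOP_VAR_OFF;
}

/* Model of the syscall entry: with the user table still active, the read of
 * cpu_current_top_of_stack is not present (returns 0); after the CR3 switch
 * it resolves to the variable's (model) physical address. */
static uint64_t syscall_entry(const pgtable_t *user, const pgtable_t *kernel,
                              uint64_t stack_top_var, bool switch_cr3_first)
{
    const pgtable_t *cr3 = user;          /* entered from user mode */
    uint64_t pa;

    if (!lookup(cr3, TRAMPOLINE_VA, &pa)) /* the stub itself must be mapped */
        return 0;
    if (switch_cr3_first)
        cr3 = kernel;                     /* the CR3 write the patch adds */
    if (!lookup(cr3, stack_top_var, &pa))
        return 0;                         /* a page fault on real hardware */
    return pa;
}

/* True when two tables expose exactly the same mappings. For the user
 * tables this means nothing visible from user mode depends on the slide. */
static bool tables_identical(const pgtable_t *a, const pgtable_t *b)
{
    return a->n == b->n && memcmp(a->e, b->e, a->n * sizeof(pte_t)) == 0;
}

int main(void)
{
    pgtable_t k1, u1, k2, u2;
    uint64_t st1 = build_tables(0x00200000, &k1, &u1);
    build_tables(0x0A000000, &k2, &u2);

    printf("user tables identical across slides: %s\n",
           tables_identical(&u1, &u2) ? "yes" : "no");
    printf("kernel tables identical across slides: %s\n",
           tables_identical(&k1, &k2) ? "yes" : "no");
    printf("stack top before CR3 switch: %#llx\n",
           (unsigned long long)syscall_entry(&u1, &k1, st1, false));
    printf("stack top after  CR3 switch: %#llx\n",
           (unsigned long long)syscall_entry(&u1, &k1, st1, true));
    return 0;
}
```

Building the tables for two different slides and comparing them shows the property at issue: the user-visible table is byte-for-byte the same either way, so nothing an unprivileged probe can observe through it depends on the slide, while the kernel table (and the location of cpu_current_top_of_stack) does, which is why the entry stub has to switch CR3 before it can read the stack pointer.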