Re: [kernel-hardening] [PATCH 4/6] Protectable Memory

From: Kees Cook
Date: Tue Feb 13 2018 - 16:43:56 EST

Next message: Shuah Khan: "[PATCH] selftests: memory-hotplug: silence test command echo"
Previous message: Waiman Long: "Re: [PATCH] kthread: Export kthread_data()"
In reply to: Laura Abbott: "Re: [kernel-hardening] [PATCH 4/6] Protectable Memory"
Next in thread: Laura Abbott: "arm64 physmap (was Re: [kernel-hardening] [PATCH 4/6] Protectable Memory)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Feb 13, 2018 at 8:09 AM, Laura Abbott <labbott@xxxxxxxxxx> wrote:
> No, arm64 doesn't fixup the aliases, mostly because arm64 uses larger
> page sizes which can't be broken down at runtime. CONFIG_PAGE_POISONING
> does use 4K pages which could be adjusted at runtime. So yes, you are
> right we would have physmap exposure on arm64 as well.

Errr, so that means even modules and kernel code are writable via the
arm64 physmap? That seems extraordinarily bad. :(

-Kees

--
Kees Cook
Pixel Security

Next message: Shuah Khan: "[PATCH] selftests: memory-hotplug: silence test command echo"
Previous message: Waiman Long: "Re: [PATCH] kthread: Export kthread_data()"
In reply to: Laura Abbott: "Re: [kernel-hardening] [PATCH 4/6] Protectable Memory"
Next in thread: Laura Abbott: "arm64 physmap (was Re: [kernel-hardening] [PATCH 4/6] Protectable Memory)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]