On 1/5/2017 8:40 AM, Thomas Garnier wrote:
> Well, it happens only when KASLR memory randomization is enabled. Do you think it should have a separate config option?

No, I would want it a runtime option... "sgdt from ring 3" is going away with UMIP (and is already possibly gone in virtual machines, see https://lwn.net/Articles/694385/) and for those cases it would be a shame to lose the randomization.

