On Fri, Apr 5, 2013 at 3:08 PM, H. Peter Anvin <h...@zytor.com> wrote:
> On 04/05/2013 03:06 PM, Julien Tinnes wrote:
>>
>> Speaking of IDT, and to capture some off-thread discussion here, we
>> should remember that the "SGDT" and "SIDT" instructions aren't
>> privileged on x86, so user-land can leak these out without any way for
>> the kernel to intercept that.
>>
>> Adding their own random offsets to these two tables would be very
>> useful. This could be done in a later patchset of course.
>>
>
> Yes, if the GDT or IDT position is at all correlated to the kernel
> position this is pointless.

Let's say it's less useful :)

Remote attacks and from-inside-a-VM attacks would still be mitigated.

Julien