On Thu, Jan 30, 2014 at 10:03 AM, H. Peter Anvin <h...@zytor.com> wrote:
> On 01/30/2014 09:57 AM, Andy Lutomirski wrote:
>>
>> By definition there aren't any broken users of the new functions,
>> because there aren't any users at all. So... should we start
>> randomizing this thing from the beginning?
>>
>
> The vdso already exists. It isn't new. Randomizing it might be a good
> idea, though; it already is randomized on 64 bits.
>
>> Also, since the VVAR page has a real vma, should something be done to
>> prevent mprotect or ptrace from COWing it? Users will be rather
>> surprised if it suddenly stops updating.
>
> What happens currently on 64 bits? I think we just take the attitude
> that "don't do that, then", and it hasn't seemed to be a problem.

On 64 bits, the vvar page is not part of the vdso vma -- it lives in
the fixmap. So mprotect will return -EINVAL, I think.

With IA32 emulation, the vvar page has to live in the user address
space range (since there is no user-addressable kernel space), so it
seems more likely that user code will at least try to poke at it.

>
>> Finally, this might be the time to kill off the userspace mapping of
>> the HPET. I suspect that there are few if any machines for which the
>> HPET is fast enough that avoiding a syscall matters at all. (On my
>> box at work, reading the HPET takes ~500 nanoseconds. I can do a lot
>> of syscalls in that amount of time.)
>
> I think this can be independent of extending the current 64-bit
> functionality to 32 bits. It is a valid question, though.

My thinking is that if we do it now then there will never be a caller
of vclock_gettime that can't deal with it being randomized.
Admittedly, this isn't too likely regardless.

--Andy

>
> -hpa
>

-- 
Andy Lutomirski
AMA Capital Management, LLC
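
An added example, not code from this thread or from the kernel: a small C program that reports where `[vdso]` and `[vvar]` are mapped in the current process and with which permissions, so repeated runs show whether the base address is randomized and whether the vvar page has a user-visible vma. The struct and function names are hypothetical, and it assumes a Linux procfs that labels these mappings `[vdso]` and `[vvar]`.

```c
#include <stdio.h>
#include <string.h>

struct special_map {
    unsigned long long start, end;
    char perms[5];              /* e.g. "r-xp" */
};

/* Parse one /proc/<pid>/maps line ("start-end perms offset dev inode path").
 * Returns 1 and fills *out when the mapping's name equals `name`. */
int parse_maps_line(const char *line, const char *name, struct special_map *out)
{
    unsigned long long start, end;
    char perms[5] = "", path[64] = "";

    if (sscanf(line, "%llx-%llx %4s %*x %*s %*u %63s",
               &start, &end, perms, path) != 4)
        return 0;               /* anonymous mapping: no name field */
    if (strcmp(path, name) != 0)
        return 0;
    out->start = start;
    out->end = end;
    memcpy(out->perms, perms, sizeof(out->perms));
    return 1;
}

/* Scan an open maps file for the mapping called `name`. */
int find_special_map(FILE *maps, const char *name, struct special_map *out)
{
    char line[512];
    while (fgets(line, sizeof(line), maps))
        if (parse_maps_line(line, name, out))
            return 1;
    return 0;
}

int main(void)
{
    const char *names[] = { "[vdso]", "[vvar]" };
    for (int i = 0; i < 2; i++) {
        struct special_map m;
        FILE *maps = fopen("/proc/self/maps", "r");
        if (!maps) { perror("/proc/self/maps"); return 1; }
        if (find_special_map(maps, names[i], &m))
            printf("%s %llx-%llx %s\n", names[i], m.start, m.end, m.perms);
        else
            printf("%s has no vma in this process\n", names[i]);
        fclose(maps);
    }
    return 0;
}
```

Building it with `-m32` on a 64-bit kernel shows the IA32-emulation layout the reply describes.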