On Sun, Feb 22, 2015 at 10:31:26AM -0800, Arjan van de Ven wrote:
> >>To show the boot time, I'm using the timestamp of the "Write protecting"
> >>line,
> >>that's pretty much the last thing we print prior to ring 3 execution.
> >
> >That's a little sad; we ought to be write-protecting kernel read-only
> >data as *early* as possible.
>
> well... if you are compromised before the first ring 3 instruction...
> .... you have a slightly bigger problem than where in the kernel we write
> protect things.

Definitely not talking about malicious compromise here; malicious code
could just remove the write protection. However, write-protecting
kernel read-only data also protects against a class of bugs.

- Josh Triplett

