• Andy Lutomirski's avatar
    x86-64: Give vvars their own page · 9fd67b4e
    Andy Lutomirski authored
    Move vvars out of the vsyscall page into their own page and mark
    it NX.
    
    Without this patch, an attacker who can force a daemon to call
    some fixed address could wait until the time contains, say,
    0xCD80, and then execute the current time.
    Signed-off-by: default avatarAndy Lutomirski <luto@mit.edu>
    Cc: Jesper Juhl <jj@chaosbits.net>
    Cc: Borislav Petkov <bp@alien8.de>
    Cc: Linus Torvalds <torvalds@linux-foundation.org>
    Cc: Arjan van de Ven <arjan@infradead.org>
    Cc: Jan Beulich <JBeulich@novell.com>
    Cc: richard -rw- weinberger <richard.weinberger@gmail.com>
    Cc: Mikael Pettersson <mikpe@it.uu.se>
    Cc: Andi Kleen <andi@firstfloor.org>
    Cc: Brian Gerst <brgerst@gmail.com>
    Cc: Louis Rilling <Louis.Rilling@kerlabs.com>
    Cc: Valdis.Kletnieks@vt.edu
    Cc: pageexec@freemail.hu
    Link: http://lkml.kernel.org/r/b1460f81dc4463d66ea3f2b5ce240f58d48effec.1307292171.git.luto@mit.eduSigned-off-by: default avatarIngo Molnar <mingo@elte.hu>
    9fd67b4e
vvar.h 1.49 KB