[Ksummit-discuss] security-related TODO items?

Andy Lutomirski luto at amacapital.net
Mon Jan 23 21:53:18 UTC 2017


On Mon, Jan 23, 2017 at 12:59 PM, Matthew Wilcox <willy6545 at gmail.com> wrote:
> Why put it in the user address space? As I said earlier in this thread, we
> want the facility to run code from kernel addresses in user mode, limited to
> only being able to access its own stack and the user addresses. Of course it
> should also be able to make syscalls, like mmap.

Would you believe I've already started prototyping this (the
kernel-code-in-user-mode part, not the execve part)?

As a practical matter, though, I think the implementation would be
*much* simpler if code running in user mode sees user addresses.
Otherwise we'd end up with very messy and constrained code on
single-address-space arches like x86 and we might not be able to
implement it at all on split-address-space arches like s390.

That being said, writing a bit of PIC code that parses the ELF file,
finds some unused address space, and relocates itself out of the way
shouldn't be *that* hard.

--Andy
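The "parse the ELF file, find some unused address space" step from the message above, as an added user-space C example; it is not code from this post or from the prototype it mentions. It assumes an ELF64 image and 4 KiB pages, and `elf_load_span`, `stub_target` and `make_sample` are hypothetical names; the copy-and-jump relocation itself is not shown.

```c
#include <elf.h>
#include <stdint.h>
#include <string.h>

#define PGOFF 0xfffULL  /* assumed 4 KiB pages */
/* Page-aligned span [*lo, *hi) of an ELF64 image's PT_LOAD segments; -1 if malformed. */
int elf_load_span(const uint8_t *buf, size_t len, uint64_t *lo, uint64_t *hi)
{
    Elf64_Ehdr eh; Elf64_Phdr ph;
    if (len < sizeof eh) return -1;
    memcpy(&eh, buf, sizeof eh);
    if (memcmp(eh.e_ident, ELFMAG, SELFMAG) || eh.e_ident[EI_CLASS] != ELFCLASS64)
        return -1;
    /* The program header table must lie entirely inside the file. */
    if (eh.e_phentsize != sizeof ph || eh.e_phoff > len ||
        (len - eh.e_phoff) / sizeof ph < eh.e_phnum) return -1;
    *lo = UINT64_MAX; *hi = 0;
    for (size_t i = 0; i < eh.e_phnum; i++) {
        memcpy(&ph, buf + eh.e_phoff + i * sizeof ph, sizeof ph);
        if (ph.p_type != PT_LOAD) continue;
        uint64_t end = ph.p_vaddr + ph.p_memsz;
        /* Reject segments whose end wraps the address space. */
        if (end < ph.p_vaddr || end > UINT64_MAX - PGOFF) return -1;
        if ((ph.p_vaddr & ~PGOFF) < *lo) *lo = ph.p_vaddr & ~PGOFF;
        if (((end + PGOFF) & ~PGOFF) > *hi) *hi = (end + PGOFF) & ~PGOFF;
    }
    return *hi > *lo ? 0 : -1;
}

/* Stub placement: stay if clear of the image, else first page above it (0 if that wraps). */
uint64_t stub_target(uint64_t self, uint64_t stub_len, uint64_t lo, uint64_t hi)
{
    if (self + stub_len <= lo || self >= hi) return self;
    return hi > UINT64_MAX - stub_len ? 0 : hi;
}

/* Constructed sample: ELF64 header plus two PT_LOAD entries at fixed addresses. */
size_t make_sample(uint8_t *buf)
{
    Elf64_Ehdr eh = { .e_type = ET_EXEC, .e_phoff = sizeof eh,
                      .e_phentsize = sizeof(Elf64_Phdr), .e_phnum = 2 };
    Elf64_Phdr ph[2] = { { .p_type = PT_LOAD, .p_vaddr = 0x400000, .p_memsz = 0x1234 },
                         { .p_type = PT_LOAD, .p_vaddr = 0x601e10, .p_memsz = 0x900 } };
    memcpy(eh.e_ident, ELFMAG, SELFMAG);
    eh.e_ident[EI_CLASS] = ELFCLASS64;
    memcpy(buf, &eh, sizeof eh);
    memcpy(buf + sizeof eh, ph, sizeof ph);
    return sizeof eh + sizeof ph;
}
```

The header checks matter because the file is untrusted input to the stub: a program header table that runs past the end of the file, or a segment whose end wraps, is rejected before any address is chosen.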

