On Tue, Aug 23, 2011 at 06:58:18PM +0200, Richard Weinberger wrote:
> What about this hack/solution?
> While booting UML can check whether the host's vDSO contains
> a SYSCALL instruction.
> If so, UML will not make the host's vDSO available to its
> processes...
Note that this is *only* for 32bit side of things. 64bit one works fine...
I wouldn't search for SYSCALL in vdso, BTW - not when we have a good way
to trigger that crap and recognize it.
At boot time, fork a child. Have it traced with PTRACE_SYSCALL. Let it
put recognizable values in registers and call __kernel_vsyscall(). Then
let the parent do one more PTRACE_SYSCALL, then PTRACE_POKEUSER and set ebp
to 0x69696969. PTRACE_CONT the sucker and let it report what it sees in ecx.
If it's what we'd put there - fine, it looks safe. If it's 0x69696969 -
we have a problem, no vdso for us.
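The probe described above, written out as an added example (this is not UML's or the kernel's own code). It forks a child, traces it with PTRACE_SYSCALL, has the child call __kernel_vsyscall() with a known value in ecx, pokes ebp to 0x69696969 at the syscall-exit stop, and lets the child report what ecx holds afterwards. Names such as vdso_probe, classify_ecx, the 0x5a5a5a5a ecx marker and the edx marker are this example's own choices; locating __kernel_vsyscall through getauxval(AT_SYSINFO), enabling PTRACE_O_TRACESYSGOOD, and recognising the probe call by orig_eax/edx instead of counting stops (so that glibc's own syscalls around raise() do not get the poke) are assumptions of this implementation, not part of the mail. On anything other than a 32-bit x86 build the probe reports "unavailable", since there is no 32-bit trampoline to test.

```c
/* Added example: boot-time ptrace probe for a 32-bit vDSO whose trampoline
 * hands ebp back as ecx. Not UML code; names and markers are this example's. */
#define _GNU_SOURCE
#include <signal.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/syscall.h>
#include <sys/user.h>
#include <sys/wait.h>

enum vdso_verdict { VDSO_SAFE = 0, VDSO_UNSAFE = 1, VDSO_PROBE_UNAVAILABLE = 2 };

#define CHILD_ECX_MARK  0x5a5a5a5aL  /* child's ecx before the vsyscall (constructed) */
#define PROBE_EDX_MARK  0x4d41524bL  /* tags the probe getpid() so the parent can find it */
#define PARENT_EBP_POKE 0x69696969L  /* the value poked into ebp, as in the mail */

/* Arch-independent decision on what the child saw in ecx afterwards. */
enum vdso_verdict classify_ecx(long seen_ecx)
{
    if (seen_ecx == CHILD_ECX_MARK)  return VDSO_SAFE;   /* ecx came back from the stack */
    if (seen_ecx == PARENT_EBP_POKE) return VDSO_UNSAFE; /* ecx came back from ebp */
    return VDSO_PROBE_UNAVAILABLE;                       /* probe did not run as intended */
}

#if defined(__i386__)
#include <sys/auxv.h>  /* getauxval(AT_SYSINFO): address of __kernel_vsyscall */

/* Child: get traced, stop, then do one tagged getpid() through the vDSO
 * with ecx = CHILD_ECX_MARK and report ecx afterwards via the exit status. */
static void child_probe(void)
{
    unsigned long entry = getauxval(AT_SYSINFO);
    long eax = SYS_getpid, ecx = CHILD_ECX_MARK, edx = PROBE_EDX_MARK;

    if (entry == 0 || ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
        _exit(3);
    raise(SIGSTOP);                       /* hand control to the parent */
    __asm__ volatile ("call *%[entry]"
                      : "+a" (eax), "+c" (ecx), "+d" (edx)
                      : [entry] "r" (entry)
                      : "memory", "cc");
    _exit(classify_ecx(ecx));             /* 0 safe, 1 unsafe, 2 unknown */
}

/* Parent: drive the child to the exit stop of its tagged getpid(), poke ebp,
 * continue, and read the verdict back from the exit status. */
static enum vdso_verdict parent_drive(pid_t child)
{
    int status, in_syscall = 0, tagged = 0;

    if (waitpid(child, &status, 0) < 0 || !WIFSTOPPED(status))
        return VDSO_PROBE_UNAVAILABLE;    /* expected the raise(SIGSTOP) */
    if (ptrace(PTRACE_SETOPTIONS, child, NULL, (void *)PTRACE_O_TRACESYSGOOD) < 0)
        goto fail;
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, child, NULL, NULL) < 0 ||
            waitpid(child, &status, 0) < 0 || !WIFSTOPPED(status))
            goto fail;                    /* child died before the probe ran */
        if (WSTOPSIG(status) != (SIGTRAP | 0x80))
            continue;                     /* not a syscall stop; suppress and go on */
        in_syscall = !in_syscall;
        if (in_syscall) {                 /* entry stop: is this the tagged getpid()? */
            long nr = ptrace(PTRACE_PEEKUSER, child,
                             (void *)offsetof(struct user_regs_struct, orig_eax), NULL);
            long dx = ptrace(PTRACE_PEEKUSER, child,
                             (void *)offsetof(struct user_regs_struct, edx), NULL);
            tagged = (nr == SYS_getpid && dx == PROBE_EDX_MARK);
            continue;
        }
        if (!tagged)
            continue;                     /* exit stop of some other syscall */
        /* Exit stop of the probe call: set ebp, as the mail describes. */
        if (ptrace(PTRACE_POKEUSER, child,
                   (void *)offsetof(struct user_regs_struct, ebp),
                   (void *)PARENT_EBP_POKE) < 0)
            goto fail;
        break;
    }
    if (ptrace(PTRACE_CONT, child, NULL, NULL) < 0 ||
        waitpid(child, &status, 0) < 0 || !WIFEXITED(status))
        goto fail;
    return WEXITSTATUS(status) <= 1 ? (enum vdso_verdict)WEXITSTATUS(status)
                                    : VDSO_PROBE_UNAVAILABLE;
fail:
    kill(child, SIGKILL);
    waitpid(child, NULL, 0);
    return VDSO_PROBE_UNAVAILABLE;
}

enum vdso_verdict vdso_probe(void)
{
    pid_t child = fork();
    if (child < 0)  return VDSO_PROBE_UNAVAILABLE;
    if (child == 0) child_probe();        /* never returns */
    return parent_drive(child);
}
#else
/* No 32-bit __kernel_vsyscall to test here; the mail notes 64-bit is fine. */
enum vdso_verdict vdso_probe(void) { return VDSO_PROBE_UNAVAILABLE; }
#endif

int main(void)
{
    static const char *names[] = { "safe (ecx survived)",
                                   "unsafe (ecx restored from ebp)",
                                   "probe unavailable" };
    printf("host 32-bit vDSO: %s\n", names[vdso_probe()]);
    return 0;
}
```

The exit status is the only channel the child needs: three distinct codes are enough to carry the verdict, and the parent kills the child on any wait or ptrace failure so a half-traced process is never left behind. The 8-bit exit status is also why the child classifies ecx itself rather than trying to pass the raw register value back.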