Re: [PATCH RFC v4 net-next 01/26] net: filter: add "load 64-bit immediate" eBPF instruction

[Andy Lutomirski]

On Wed, Aug 13, 2014 at 2:21 PM, H. Peter Anvin <hpa@xxxxxxxxx> wrote:
> One thing about this that may be a serious concern: allowing the user to
> control 8 contiguous bytes of kernel memory may be a security hazard.

I'm confused.  What kind of memory?  I can control a lot more than 8
bytes of stack very easily.

Or are you concerned about 8 contiguous bytes of *executable* memory?

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/