Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace periods

From: Josh Triplett
Date: Sun Feb 22 2015 - 13:49:03 EST

Next message: Jiri Kosina: "Re: live kernel upgrades (was: live kernel patching design)"
Previous message: Vladimir Davydov: "[PATCH 2/4] cleancache: zap uuid arg of cleancache_init_shared_fs"
In reply to: Arjan van de Ven: "Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace periods"
Next in thread: Josh Triplett: "Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace periods"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Feb 22, 2015 at 10:31:26AM -0800, Arjan van de Ven wrote:
> >>To show the boot time, I'm using the timestamp of the "Write protecting" line,
> >>that's pretty much the last thing we print prior to ring 3 execution.
> >
> >That's a little sad; we ought to be write-protecting kernel read-only
> >data as *early* as possible.
>
> well... if you are compromised before the first ring 3 instruction...
> .... you have a slightly bigger problem than where in the kernel we write protect things.

Definitely not talking about malicious compromise here; malicious code
could just remove the write protection. However, write-protecting
kernel read-only data also protects against a class of bugs.

- Josh Triplett
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jiri Kosina: "Re: live kernel upgrades (was: live kernel patching design)"
Previous message: Vladimir Davydov: "[PATCH 2/4] cleancache: zap uuid arg of cleancache_init_shared_fs"
In reply to: Arjan van de Ven: "Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace periods"
Next in thread: Josh Triplett: "Re: [PATCH tip/core/rcu 0/4] Programmatic nestable expedited grace periods"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]