Re: [kernel-hardening] [PATCH 0/2] introduce post-init read-only memory

From: Linus Torvalds
Date: Fri Nov 27 2015 - 13:03:11 EST


On Fri, Nov 27, 2015 at 10:00 AM, Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
>
> - just oops and kill the machine, like for any other unhandled kernel
> page fault. This is probably what you should have on a server

Just to clarify: the "just oops" obviously doesn't have to kill the
machine, it depends on what your oops policy is, with the default
obviously being the normal "kill that particular thread" if at all
possible.

Machine-killing is appropriate in some secure situations, but most of
the time it just makes it too damn hard to debug since the error often
doesn't get logged. In some situations we obviously can't avoid it,
but..

Linus