Re: [PATCH v20 00/28] Intel SGX1 support

From: Jethro Beekman
Date: Fri Apr 19 2019 - 15:38:25 EST

Next message: Alan Stern: "Re: KASAN: slab-out-of-bounds Read in ds_probe"
Previous message: Greg KH: "Re: [PATCH 1/1] r8152: sync sa_family with the media type of network device"
In reply to: Andy Lutomirski: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Thomas Gleixner: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2019-04-19 08:27, Andy Lutomirski wrote:
> There are many,
> many Linux systems that enforce a policy that *all* executable text
> needs to come from a verified source. On these systems, you can't
> mmap some writable memory, write to it, and then change it to
> executable.

How is this implemented on those systems? AFAIK there's no kernel config
option that changes the semantics of mmap as you describe.

--
Jethro Beekman | Fortanix

Next message: Alan Stern: "Re: KASAN: slab-out-of-bounds Read in ds_probe"
Previous message: Greg KH: "Re: [PATCH 1/1] r8152: sync sa_family with the media type of network device"
In reply to: Andy Lutomirski: "Re: [PATCH v20 00/28] Intel SGX1 support"
Next in thread: Thomas Gleixner: "Re: [PATCH v20 00/28] Intel SGX1 support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]