e6e5494cb2
Move the i386 VDSO down into a vma and thus randomize it. Besides the security implications, this feature also helps debuggers, which can COW a vma-backed VDSO just like a normal DSO and can thus do single-stepping and other debugging features. It's good for hypervisors (Xen, VMWare) too, which typically live in the same high-mapped address space as the VDSO, hence whenever the VDSO is used, they get lots of guest pagefaults and have to fix such guest accesses up - which slows things down instead of speeding things up (the primary purpose of the VDSO). There's a new CONFIG_COMPAT_VDSO (default=y) option, which provides support for older glibcs that still rely on a prelinked high-mapped VDSO. Newer distributions (using glibc 2.3.3 or later) can turn this option off. Turning it off is also recommended for security reasons: attackers cannot use the predictable high-mapped VDSO page as syscall trampoline anymore. There is a new vdso=[0|1] boot option as well, and a runtime /proc/sys/vm/vdso_enabled sysctl switch, that allows the VDSO to be turned on/off. (This version of the VDSO-randomization patch also has working ELF coredumping, the previous patch crashed in the coredumping code.) This code is a combined work of the exec-shield VDSO randomization code and Gerd Hoffmann's hypervisor-centric VDSO patch. Rusty Russell started this patch and i completed it. [akpm@osdl.org: cleanups] [akpm@osdl.org: compile fix] [akpm@osdl.org: compile fix 2] [akpm@osdl.org: compile fix 3] [akpm@osdl.org: revernt MAXMEM change] Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Arjan van de Ven <arjan@infradead.org> Cc: Gerd Hoffmann <kraxel@suse.de> Cc: Rusty Russell <rusty@rustcorp.com.au> Cc: Zachary Amsden <zach@vmware.com> Cc: Andi Kleen <ak@muc.de> Cc: Jan Beulich <jbeulich@novell.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org> |
||
---|---|---|
.. | ||
acpi | ||
cpu | ||
.gitignore | ||
alternative.c | ||
apic.c | ||
apm.c | ||
asm-offsets.c | ||
bootflag.c | ||
cpuid.c | ||
crash.c | ||
crash_dump.c | ||
doublefault.c | ||
early_printk.c | ||
efi.c | ||
efi_stub.S | ||
entry.S | ||
head.S | ||
hpet.c | ||
i386_ksyms.c | ||
i387.c | ||
i8237.c | ||
i8253.c | ||
i8259.c | ||
init_task.c | ||
io_apic.c | ||
ioport.c | ||
irq.c | ||
kprobes.c | ||
ldt.c | ||
machine_kexec.c | ||
Makefile | ||
mca.c | ||
microcode.c | ||
module.c | ||
mpparse.c | ||
msr.c | ||
nmi.c | ||
numaq.c | ||
pci-dma.c | ||
process.c | ||
ptrace.c | ||
quirks.c | ||
reboot.c | ||
reboot_fixups.c | ||
relocate_kernel.S | ||
scx200.c | ||
semaphore.c | ||
setup.c | ||
sigframe.h | ||
signal.c | ||
smp.c | ||
smpboot.c | ||
srat.c | ||
summit.c | ||
sys_i386.c | ||
syscall_table.S | ||
sysenter.c | ||
time.c | ||
time_hpet.c | ||
topology.c | ||
trampoline.S | ||
traps.c | ||
tsc.c | ||
vm86.c | ||
vmlinux.lds.S | ||
vsyscall-int80.S | ||
vsyscall-note.S | ||
vsyscall-sigreturn.S | ||
vsyscall-sysenter.S | ||
vsyscall.lds.S | ||
vsyscall.S |