Subject: Re: [PATCH 31/31] x86, pkeys: execute-only support
From: Dave Hansen
Date: Thu, 7 Jan 2016 14:25:23 -0800
To: Kees Cook
Cc: LKML, Linux-MM, "x86@kernel.org", Dave Hansen, Linus Torvalds, Andrew Morton, Andy Lutomirski
Message-ID: <568EE5D3.1080006@sr71.net>
References: <20160107000104.1A105322@viggo.jf.intel.com> <20160107000148.ED5D13DF@viggo.jf.intel.com>

On 01/07/2016 01:02 PM, Kees Cook wrote:
>> > I haven't found any userspace that does this today. With this
>> > facility in place, we expect userspace to move to use it
>> > eventually.
> And the magic benefit here is that linker/loaders can switch to just
> PROT_EXEC without PROT_READ, and everything that doesn't support this
> protection will silently include PROT_READ, so no runtime detection by
> the loader is needed.

Yep, completely agree. I'll update the description.

>> > The security provided by this approach is not comprehensive. The
> Perhaps specifically mention what it does provide, which would be
> protection against leaking executable memory contents, as generally
> done by attackers who are attempting to find ROP gadgets on the fly.

Good point.