Posted Sep 4, 2008 11:48 UTC (Thu) by cde (guest, #46554)
Parent article: Linux 3.0?
One cool feature I'd like to see for Linux 3.0 is the return of the 4G/4G user/kernel split. Of course, there is a performance hit on the TLB (up to 30% iirc on a P4). The nice thing about a full split is that you protect against a whole range of attacks that involve executing user-space code in the context of the kernel.
A good example is the vmsplice exploit, which is quite complicated but basically led to ring0 code execution because lower pages could be manipulated by user space (using MAP_FIXED), and those were mapped into the kernel as well.
Now I understand not everyone would want this feature, but it'd be a plus for security-minded sysadmins. In addition, it'd be nice if Linux could move to a more microkernel-like design. There's an additional performance hit, but once again you improve security (although IPC introduces a new class of potential flaws).
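The user-space half of the pattern the comment describes, as an added example that is not part of the original comment and is not the vmsplice exploit: a process asks for a page at a fixed low address with mmap(MAP_FIXED) and fills it with bytes it controls. On a kernel that shares its address space with the process (the usual 3G/1G layout) that page is reachable from ring 0 the moment the kernel dereferences a low pointer; under a 4G/4G split it is not. The block also reads the vm.mmap_min_addr sysctl (a real Linux sysctl, exposed at /proc/sys/vm/mmap_min_addr), which is the knob that decides whether an unprivileged process may create such a mapping at all. The 0xcc filler is a constructed stand-in for a payload; no kernel-side trigger is included, and the function names are this example's own.

```c
/* Added example (not from the comment or from any published exploit).
 * Probes whether this process can place attacker-controlled bytes at a
 * low virtual address with mmap(MAP_FIXED), and reads vm.mmap_min_addr,
 * the sysctl that gates such mappings.  Nothing here touches the kernel
 * beyond ordinary mmap/munmap calls.
 */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define PAGE 4096UL

/* Read /proc/sys/vm/mmap_min_addr (a real Linux sysctl).
 * Returns the lowest address a non-privileged mmap() may use,
 * or -1 if the file cannot be read (e.g. /proc not mounted). */
long read_mmap_min_addr(void)
{
    FILE *f = fopen("/proc/sys/vm/mmap_min_addr", "r");
    long v = -1;
    if (!f)
        return -1;
    if (fscanf(f, "%ld", &v) != 1)
        v = -1;
    fclose(f);
    return v;
}

/* Try to place a writable+executable anonymous page at exactly `addr`.
 * Returns 0 if the kernel allowed it (the page is filled, then unmapped),
 * otherwise the errno reported by mmap().  Without CAP_SYS_RAWIO, an
 * address below vm.mmap_min_addr yields EPERM on current kernels. */
int probe_fixed_low_mapping(uintptr_t addr)
{
    void *want = (void *)addr;
    void *got = mmap(want, PAGE, PROT_READ | PROT_WRITE | PROT_EXEC,
                     MAP_PRIVATE | MAP_ANONYMOUS | MAP_FIXED, -1, 0);
    if (got == MAP_FAILED)
        return errno;
    if (got != want) {             /* cannot happen with MAP_FIXED, but be strict */
        munmap(got, PAGE);
        return EINVAL;
    }
    /* Controlled bytes now live at a low address.  With a shared 3G/1G
     * address space the kernel sees this same page; with a 4G/4G split
     * the kernel's view of this address is entirely separate.
     * 0xcc (int3) is a constructed stand-in for a real payload. */
    memset(got, 0xcc, PAGE);
    munmap(got, PAGE);
    return 0;
}

int main(void)
{
    long min_addr = read_mmap_min_addr();
    int r = probe_fixed_low_mapping(0);

    if (min_addr >= 0)
        printf("vm.mmap_min_addr = %ld\n", min_addr);
    else
        printf("vm.mmap_min_addr: unreadable\n");

    if (r == 0)
        printf("MAP_FIXED at address 0 succeeded: low pages are user-controllable\n");
    else
        printf("MAP_FIXED at address 0 refused: %s\n", strerror(r));
    return 0;
}
```

On a stock system with the default vm.mmap_min_addr of 65536 the probe is refused with EPERM for an unprivileged user; a result of 0 means the low pages are exactly as attacker-controllable as the comment describes, and only the address-space split (or the absence of a kernel bug that dereferences a low pointer) stands between that page and ring 0.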