| |||||||||||||
Kernel security, year to dateKernel security, year to datePosted Sep 9, 2008 23:21 UTC (Tue) by jreiser (subscriber, #11027)In reply to: Kernel security, year to date by nix Parent article: Kernel security, year to date the kernel ... makes such heavy use of function pointers that complete coverage of these situations is never going to happen. Why not? Build an option to gcc that tests for zero at every invocation of a non-lexical function, then make that option the default when compiling for Linux kernel. Or, have every interrupt and syscall map a replacement if page 0 already has a user-level mapping.
(Log in to post comments)
Kernel security, year to date Posted Sep 10, 2008 8:57 UTC (Wed) by nix (subscriber, #2304) [Link]
Both of these options would be really really -really- expensive (especially the latter: page table manipulation is expensive). The first one has more promise: GCC already has *some* code to insert automatic tests against NULL, it just isn't hooked up in the right places
|
|||||||||||||