Quotes of the week [LWN.net]

Quotes of the week

Posted Jun 14, 2012 16:11 UTC (Thu) by nevets (subscriber, #11875)
In reply to: Quotes of the week by PaXTeam
Parent article: Quotes of the week

> it's an existing kernel config option, nothing needs to be modified.

Modifying config options does modify the kernel. Do you need to recompile?

> pre 2.0 (iirc) task switching? set_fs()? TLS? ;)

I started working with 2.0, so I should never had said 'never' ;-)

Yeah, I knew about TLS, that's why I said 'much of segmentation', instead of saying 'any of segmentation'.

> nope, (vanilla) linux uses flat segments, there's no separation at the segment level.

Ah sorry, was thinking that it did. It's been a while since I've actually worked with segments. I know the kernel was not limited against accessing userspace, but I was thinking that userspace had the added protection of segments to protect against accessing the kernel.

> when the declared policy from high up is to actively suppress them is... too funny if it wasn't so sad at the same time

Are you saying that since Linux uses a flat segment space that the bugs happen for both i386 and x86_64?

to post comments

Quotes of the week

Posted Jun 14, 2012 16:23 UTC (Thu) by PaXTeam (guest, #24616) [Link] (2 responses)

> Modifying config options does modify the kernel. Do you need to recompile?

i think for most people (esp. kernel devs) modify = patch, and not 'reconfigure'. but for all i care, i got the point across :).

> but I was thinking that userspace had the added protection of segments to protect against accessing the kernel.

even if the default segments were set up this way, there's modify_ldt and TLS to get around them.

> Are you saying that since Linux uses a flat segment space that the bugs happen for both i386 and x86_64?

yes (if 'happen' = 'are exploitable'). UDEREF on i386 uses segmentation to prevent exactly this class of bugs from becoming exploitable beyond DoS.

Quotes of the week

Posted Jun 14, 2012 16:38 UTC (Thu) by nevets (subscriber, #11875) [Link] (1 responses)

> yes (if 'happen' = 'are exploitable'). UDEREF on i386 uses segmentation to prevent exactly this class of bugs from becoming exploitable beyond DoS.

Which goes back to my original point. Why run vanilla Linux i386 on x86_64. It's better to just run x86_64 kernel with a i386 userspace, then an i386 kernel if you have extended RAM.

Quotes of the week

Posted Jun 14, 2012 18:11 UTC (Thu) by PaXTeam (guest, #24616) [Link]

sure, an amd64 kernel manages more RAM in a better way but you had a (rhetorical?) question as to why would someone still stick to i386, i just gave you one possible reason (better kernel self-defense), that's all :).