Date:      Fri, 18 Sep 2009 10:09:27 -0700
From:      Julian Elischer <julian@elischer.org>
To:        István <leccine@gmail.com>
Cc:        pieter@thedarkside.nl, freebsd-security@freebsd.org
Subject:   Re: Protecting against kernel NULL-pointer derefs
Message-ID:  <4AB3BEC7.6090409@elischer.org>
In-Reply-To: <b8592ed80909180852r6f088176oe60fe598b797d636@mail.gmail.com>
References:  <4AAF4A64.3080906@thedarkside.nl>	<20090919.001313.110616099.hdk_2@yahoo.co.jp> <b8592ed80909180852r6f088176oe60fe598b797d636@mail.gmail.com>

István wrote:
> The question is what percentage of users are using wine and dosbox, which
> are going to break with this setting; I guess 10% or less. So those guys
> could use a _NO_VM_MIN kernel or something while the rest of the world would
> fly high with a secured kernel.

The assumption is that the userland and kernel share a memory map.
While we do implement it this way, it is not necessarily needed.
We do it for performance reasons (each user memory map includes an
identical top section that is the kernel space, so that we do not need
to switch memory page arenas (change CR3) when entering the kernel).
However, it might be possible to not do this, and in fact on some
hardware it is mandatory to not do this.

It would require a page table arena switch with each syscall which
would require flushing the TLBs which would be expensive..
Hmm I guess I've talked myself out of this as a solution..  :-)

Julian
> 
> to quote a security friend:
> 
> the freebsd was the last target platform for this bugclass :))
> 
> regards,
> Istvan
> 
> 
> On Fri, Sep 18, 2009 at 4:13 PM, Hideki EIRAKU <hdk_2@yahoo.co.jp> wrote:
> 
>> From: Pieter de Boer <pieter@thedarkside.nl>
>> Subject: Protecting against kernel NULL-pointer derefs
>> Date: Tue, 15 Sep 2009 10:03:48 +0200
>>
>>> - Are there unwanted side-effects of raising VM_MIN_ADDRESS?
>> Mapping at address 0x0 is needed by some software using vm86 mode.
>> For example, emulators/doscmd uses vm86 mode to emulate an old DOS
>> environment. In this case, the address range 0x0 - 0x3ff is used for an
>> interrupt vector of the emulated DOS world. If VM_MIN_ADDRESS is not zero,
>> doscmd doesn't work. vm86 mode is in the 32-bit i386 architecture only, not
>> in amd64 or other architectures.
>>
>> --
>> Hideki EIRAKU
>>
> 
> 
> 



