Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 20 Apr 2016 15:59:54 -0700
From: Kees Cook <keescook@...gle.com>
To: Catalin Marinas <catalin.marinas@....com>
Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: ARMv8.0 PAN emulation

On Fri, Apr 15, 2016 at 1:58 AM, Catalin Marinas
<catalin.marinas@....com> wrote:
> Hi Kees,
>
> On Wed, Apr 13, 2016 at 08:34:31AM -0700, Kees Cook wrote:
>> I was curious about where PAN emulation for ARMv8.0 stood?
>
> I guess the question is with regards to the arm64 kernel port.

Yeah, in non-LPAE mode, we're covered by Domains, IIUC.

>> You'd mentioned[1] that it might be possible to rework the TTBR0 patch
>> to do what's needed. Is there anyone that has cycles to work on it?
>
> Unfortunately, not. I can put it on our to-do list but the backlog is
> pretty large already, so I can't realistically state an ETA.

Okay, no worries. I'll add this to my list of "things we need someone
to work on". :)

>> Also, did you ever get an answer about the lowmem boundary?
>
> No but I looked through the arm32 kernel and couldn't find any
> guarantees. IIRC, we used to have such assumption in the past until we
> got the TI Keystone platform with RAM being relocated above 4GB (after
> the initial boot code).

Okay, good to know.

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.