|
Message-ID: <alpine.DEB.2.20.1802021236510.31548@nuc-kabylake> Date: Fri, 2 Feb 2018 12:39:20 -0600 (CST) From: Christopher Lameter <cl@...ux.com> To: Matthew Wilcox <willy@...radead.org> cc: Jann Horn <jannh@...gle.com>, Igor Stoppa <igor.stoppa@...wei.com>, jglisse@...hat.com, Kees Cook <keescook@...omium.org>, Michal Hocko <mhocko@...nel.org>, Laura Abbott <labbott@...hat.com>, Christoph Hellwig <hch@...radead.org>, linux-security-module@...r.kernel.org, linux-mm@...ck.org, kernel list <linux-kernel@...r.kernel.org>, Kernel Hardening <kernel-hardening@...ts.openwall.com> Subject: Re: [PATCH 4/6] Protectable Memory On Thu, 25 Jan 2018, Matthew Wilcox wrote: > It's worth having a discussion about whether we want the pmalloc API > or whether we want a slab-based API. We can have a separate discussion > about an API to remove pages from the physmap. We could even do this in a more thorough way. Can we use a ring 1 / 2 distinction to create a hardened OS core that policies the rest of the ever expanding kernel with all its modules and this and that feature? I think that will long term be a better approach and allow more than the current hardening approaches can get you. It seems that we are willing to tolerate significant performance regressions now. So lets use the protection mechanisms that the hardware offers.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.