Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Feb 2018 15:13:28 -0700
From: Tycho Andersen <>
To: Kees Cook <>
Cc: Laura Abbott <>, Jann Horn <>,
	Igor Stoppa <>,
	Boris Lukashev <>,
	Christopher Lameter <>,
	Matthew Wilcox <>,
	Jerome Glisse <>,
	Michal Hocko <>,
	Christoph Hellwig <>,
	linux-security-module <>,
	Linux-MM <>,
	kernel list <>,
	Kernel Hardening <>,
	linux-arm-kernel <>
Subject: Re: arm64 physmap (was Re: [PATCH 4/6]
 Protectable Memory)

On Wed, Feb 14, 2018 at 11:48:38AM -0800, Kees Cook wrote:
> On Wed, Feb 14, 2018 at 11:06 AM, Laura Abbott <> wrote:
> > fixed. Modules yes are not fully protected. The conclusion from past
> > experience has been that we cannot safely break down larger page sizes
> > at runtime like x86 does. We could theoretically
> > add support for fixing up the alias if PAGE_POISONING is enabled but
> > I don't know who would actually use that in production. Performance
> > is very poor at that point.
> XPFO forces 4K pages on the physmap[1] for similar reasons. I have no
> doubt about performance changes, but I'd be curious to see real
> numbers. Did anyone do benchmarks on just the huge/4K change? (Without
> also the XPFO overhead?)
> If this, XPFO, and PAGE_POISONING all need it, I think we have to
> start a closer investigation. :)

I haven't but it shouldn't be too hard. What benchmarks are you


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.