Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 29 Jul 2019 17:00:38 +1000
From: Daniel Axtens <>
To: Andrew Donnellan <>, Christopher M Riedl <>,,
Subject: Re: [RFC PATCH v2] powerpc/xmon: restrict when kernel is locked down

Hi Chris,

>>>> Remind me again why we need to clear breakpoints in integrity mode?
>> Integrity mode merely means we are aiming to prevent modifications to 
>> kernel memory. IMHO leaving existing breakpoints in place is fine as 
>> long as when we hit the breakpoint xmon is in read-only mode.
> I think ajd is right. 
> I think about it like this. There are 2 transitions:
>  - into integrity mode
>    Here, we need to go into r/o, but do not need to clear breakpoints.
>    You can still insert breakpoints in readonly mode, so clearing them
>    just makes things more irritating rather than safer.
>  - into confidentiality mode
>    Here we need to purge breakpoints and disable xmon completely.

Would you be able to send a v2 with these changes? (that is, not purging
breakpoints when entering integrity mode)


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.