This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
I can see how randomized VDSO for platforms using NEED_DL_SYSINFO/DL_SYSINFO_IMPLEMENTATION might prevent a virus attacker from using syscalls. But powerpc is a NEED_DL_SYSINFO_DSO only implemention and so can't prevent anyone from using syscalls inline. And I don't see how calling gettimeofday is a security threat?
It doesn't matter whether inline syscalls can be made. The issue is to avoid fixed addresses for code at all costs. Therefore the vDSO must be randomizable without cost. That has all been discussed, and Ben wrote the vDSO code to allow just that. The fact that it means a minimal amount of additional work in the users of the vDSO is not important. The code in the vDSO doesn't need the TOC so a lot of corners can be cut.
Just look into the efforts to get the vDSO used for gettimeofday as it is today. If it wurns out too much work, changes to the vDSO can be considered. Otherwise leave it as is.
-- â Ulrich Drepper â Red Hat, Inc. â 444 Castro St â Mountain View, CA â
Attachment:
signature.asc
Description: OpenPGP digital signature
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |