[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] x86: PIE support and option to extend KASLR randomization



* Pavel Machek <pavel@xxxxxx> wrote:

> > For example, there would be collision with regular user-space mappings, 
> > right? 
> > Can local unprivileged users use mmap(MAP_FIXED) probing to figure out 
> > where 
> > the kernel lives?
> 
> Local unpriviledged users can probably get your secret bits using cache 
> probing 
> and jump prediction buffers.
> 
> Yes, you don't want to leak the information using mmap(MAP_FIXED), but CPU 
> will 
> leak it for you, anyway.

Depends on the CPU I think, and CPU vendors are busy trying to mitigate this 
angle.

Thanks,

        Ingo

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.