linux_old1/arch/i386/kernel
Ingo Molnar e6e5494cb2 [PATCH] vdso: randomize the i386 vDSO by moving it into a vma
Move the i386 VDSO down into a vma and thus randomize it.

Besides the security implications, this feature also helps debuggers, which
can COW a vma-backed VDSO just like a normal DSO and can thus do
single-stepping and other debugging features.

It's good for hypervisors (Xen, VMWare) too, which typically live in the same
high-mapped address space as the VDSO, hence whenever the VDSO is used, they
get lots of guest pagefaults and have to fix such guest accesses up - which
slows things down instead of speeding things up (the primary purpose of the
VDSO).

There's a new CONFIG_COMPAT_VDSO (default=y) option, which provides support
for older glibcs that still rely on a prelinked high-mapped VDSO.  Newer
distributions (using glibc 2.3.3 or later) can turn this option off.  Turning
it off is also recommended for security reasons: attackers cannot use the
predictable high-mapped VDSO page as syscall trampoline anymore.

There is a new vdso=[0|1] boot option as well, and a runtime
/proc/sys/vm/vdso_enabled sysctl switch, that allows the VDSO to be turned
on/off.

(This version of the VDSO-randomization patch also has working ELF
coredumping, the previous patch crashed in the coredumping code.)

This code is a combined work of the exec-shield VDSO randomization
code and Gerd Hoffmann's hypervisor-centric VDSO patch. Rusty Russell
started this patch and I completed it.

[akpm@osdl.org: cleanups]
[akpm@osdl.org: compile fix]
[akpm@osdl.org: compile fix 2]
[akpm@osdl.org: compile fix 3]
[akpm@osdl.org: revert MAXMEM change]
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Arjan van de Ven <arjan@infradead.org>
Cc: Gerd Hoffmann <kraxel@suse.de>
Cc: Rusty Russell <rusty@rustcorp.com.au>
Cc: Zachary Amsden <zach@vmware.com>
Cc: Andi Kleen <ak@muc.de>
Cc: Jan Beulich <jbeulich@novell.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-06-27 17:32:38 -07:00
acpi Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux-acpi-2.6 2006-06-23 07:52:36 -07:00
cpu [PATCH] fix subarchitecture breakage with CONFIG_SCHED_SMT 2006-06-27 17:32:38 -07:00
.gitignore [PATCH] x86: gitignore some autogenerated files for i386 2006-02-14 16:09:35 -08:00
Makefile Merge branch 'x86-64' 2006-06-26 10:51:09 -07:00
alternative.c [PATCH] x86_64: x86_64 version of the smp alternative patch. 2006-06-26 10:48:14 -07:00
apic.c [PATCH] x86_64: fix apic error on bootup 2006-06-26 10:48:22 -07:00
apm.c [PATCH] i386/x86-64/ia64: Move polling flag into thread_info_status 2006-06-26 10:48:21 -07:00
asm-offsets.c [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
bootflag.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cpuid.c [PATCH] x86 cpuid and msr notifier callback section mismatches 2006-04-19 09:13:50 -07:00
crash.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bunk/trivial 2006-06-26 13:33:14 -07:00
crash_dump.c [PATCH] kdump: read previous kernel's memory 2006-01-10 08:01:28 -08:00
doublefault.c [PATCH] i386: cpu_relax() in crash.c and doublefault.c 2006-06-25 10:00:55 -07:00
early_printk.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
efi.c [PATCH] fix array overrun in efi.c 2006-03-26 08:56:57 -08:00
efi_stub.S Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
entry.S [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
head.S [PATCH] i386: cleanup after cpu_gdt_descr conversion to per-cpu data 2006-03-23 07:38:06 -08:00
hpet.c [PATCH] generic-time: add macro to simplify/hide mask constants 2006-06-26 09:58:21 -07:00
i386_ksyms.c [PATCH] No arch-specific strpbrk implementations 2006-04-11 06:18:40 -07:00
i387.c [PATCH] x86: make i387 mxcsr_feature_mask __read_mostly 2006-06-23 07:42:57 -07:00
i8237.c [PATCH] ISA DMA suspend for i386 2005-09-05 00:06:14 -07:00
i8253.c [PATCH] time: fix time going backward w/ clock=pit 2006-06-26 09:58:21 -07:00
i8259.c spelling fixes 2006-06-26 18:35:02 +02:00
init_task.c [PATCH] Change maxaligned_in_smp alignment macros to internodealigned_in_smp macros 2006-01-08 20:13:38 -08:00
io_apic.c [PATCH] x86_64: fix vector_lock deadlock in io_apic.c 2006-06-26 10:48:17 -07:00
ioport.c [PATCH] capable/capability.h (arch/) 2006-01-11 18:42:14 -08:00
irq.c [PATCH] x86: increase interrupt vector range 2006-06-27 17:32:37 -07:00
kprobes.c [PATCH] Kprobe: multi kprobe posthandler for booster 2006-06-26 09:58:22 -07:00
ldt.c [PATCH] arch/i386/kernel/ldt.c should #include <asm/mmu_context.h> 2005-11-07 07:53:29 -08:00
machine_kexec.c Storage class should be first 2006-06-26 18:57:34 +02:00
mca.c [PATCH] arch/i386: Use ARRAY_SIZE macro 2005-11-07 07:53:28 -08:00
microcode.c [PATCH] fix x86 microcode driver handling of multiple matching revisions 2006-06-23 07:42:56 -07:00
module.c [PATCH] x86: SMP alternatives 2006-03-23 07:38:04 -08:00
mpparse.c [PATCH] x86_64: avoid IRQ0 ioapic pin collision 2006-05-08 09:34:56 -07:00
msr.c [PATCH] x86 cpuid and msr notifier callback section mismatches 2006-04-19 09:13:50 -07:00
nmi.c [PATCH] x86_64: i386/x86-64 Add nmi watchdog support for new Intel CPUs 2006-06-26 10:48:22 -07:00
numaq.c [PATCH] Time: i386 Conversion - part 2: Rework TSC Support 2006-06-26 09:58:21 -07:00
pci-dma.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
process.c [PATCH] i386/x86-64/ia64: Move polling flag into thread_info_status 2006-06-26 10:48:21 -07:00
ptrace.c [PATCH] drop task argument of audit_syscall_{entry,exit} 2006-05-01 06:06:18 -04:00
quirks.c [PATCH] EDAC: core EDAC support code 2006-01-18 19:20:31 -08:00
reboot.c [PATCH] i386/x86-64: Don't IPI to offline cpus on shutdown 2006-01-11 19:04:50 -08:00
reboot_fixups.c [PATCH] i386: Remove printk about reboot fixups at reboot 2006-04-09 11:53:53 -07:00
relocate_kernel.S [PATCH] kexec: x86 kexec core 2005-06-25 16:24:49 -07:00
scx200.c [PATCH] arch: Replace pci_module_init() with pci_register_driver() 2006-01-09 12:13:21 -08:00
semaphore.c [PATCH] x86: SMP alternatives 2006-03-23 07:38:04 -08:00
setup.c [PATCH] Time: i386 Conversion - part 2: Rework TSC Support 2006-06-26 09:58:21 -07:00
sigframe.h [PATCH] __user annotations for pointers in i386 sigframe 2005-09-09 10:31:59 -07:00
signal.c [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
smp.c [PATCH] x86_64: Standardize i386/x86_64 handling of NMI_VECTOR 2006-06-26 10:48:22 -07:00
smpboot.c [PATCH] i386: move phys_proc_id and cpu_core_id to cpuinfo_x86 2006-06-27 17:32:37 -07:00
srat.c [PATCH] Unify pxm_to_node() and node_to_pxm() 2006-06-23 07:42:48 -07:00
summit.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
sys_i386.c [PATCH] Uninline sys_mmap common code (reduce binary size) 2006-03-22 07:54:02 -08:00
syscall_table.S [PATCH] sys_move_pages: 32bit support (i386, x86_64) 2006-06-23 07:42:53 -07:00
sysenter.c [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
time.c [PATCH] Time: i386 Clocksource Drivers 2006-06-26 09:58:21 -07:00
time_hpet.c [PATCH] move rtc_interrupt() prototype to rtc.h 2006-01-08 20:13:47 -08:00
topology.c [PATCH] node hotplug: register cpu: remove node struct 2006-06-27 17:32:37 -07:00
trampoline.S Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
traps.c [PATCH] i386/x86-64: fall back to old-style call trace if no unwinding 2006-06-26 10:48:18 -07:00
tsc.c [PATCH] generic-time: add macro to simplify/hide mask constants 2006-06-26 09:58:21 -07:00
vm86.c [PATCH] drop task argument of audit_syscall_{entry,exit} 2006-05-01 06:06:18 -04:00
vmlinux.lds.S [PATCH] i386: reliable stack trace support (i386) 2006-06-26 10:48:17 -07:00
vsyscall-int80.S Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
vsyscall-note.S [PATCH] i386 vDSO: add PT_NOTE segment 2005-04-16 15:24:48 -07:00
vsyscall-sigreturn.S [PATCH] Mark unwind info for signal trampolines in vDSOs 2006-03-31 12:18:52 -08:00
vsyscall-sysenter.S [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00
vsyscall.S Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
vsyscall.lds.S [PATCH] vdso: randomize the i386 vDSO by moving it into a vma 2006-06-27 17:32:38 -07:00