Re: [kernel-hardening] [RFC PATCH v2 0/3] Add support for eXclusive Page Frame Ownership (XPFO)

2016-09-14 Thread Mark Rutland
On Wed, Sep 14, 2016 at 10:36:34AM +0100, Mark Rutland wrote: > On Wed, Sep 14, 2016 at 09:18:58AM +0200, Juerg Haefliger wrote: > > This patch series adds support for XPFO which protects against 'ret2dir' > > kernel attacks. The basic idea is to enforce exclusive ownership of page > > frames by

Re: [kernel-hardening] [RFC PATCH v2 0/3] Add support for eXclusive Page Frame Ownership (XPFO)

2016-09-14 Thread Mark Rutland
On Wed, Sep 14, 2016 at 10:36:34AM +0100, Mark Rutland wrote: > On Wed, Sep 14, 2016 at 09:18:58AM +0200, Juerg Haefliger wrote: > > This patch series adds support for XPFO which protects against 'ret2dir' > > kernel attacks. The basic idea is to enforce exclusive ownership of page > > frames by

Re: [kernel-hardening] [RFC PATCH v2 0/3] Add support for eXclusive Page Frame Ownership (XPFO)

2016-09-14 Thread Mark Rutland
Hi, On Wed, Sep 14, 2016 at 09:18:58AM +0200, Juerg Haefliger wrote: > This patch series adds support for XPFO which protects against 'ret2dir' > kernel attacks. The basic idea is to enforce exclusive ownership of page > frames by either the kernel or userspace, unless explicitly requested by >

Re: [kernel-hardening] [RFC PATCH v2 0/3] Add support for eXclusive Page Frame Ownership (XPFO)

2016-09-14 Thread Mark Rutland
Hi, On Wed, Sep 14, 2016 at 09:18:58AM +0200, Juerg Haefliger wrote: > This patch series adds support for XPFO which protects against 'ret2dir' > kernel attacks. The basic idea is to enforce exclusive ownership of page > frames by either the kernel or userspace, unless explicitly requested by >