On Thu, Jul 28, 2016 at 08:43:54PM +0200, Wolfgang Solfrank wrote:
> Hi,
>
> > Currently, there is no real way to make sure a userland process won't be
> > able to allocate the NULL page.
>
> Why should this be restricted?

It matters on architectures with shared user/kernel VA. If you can map
something to (void *)0, you can turn many dereferences of such an address
into exploits.

Joerg
