WARNING - OLD ARCHIVES

"John Anderson" <johnha@xxxxxxxxxx> · 2006年6月27日 11:29:02 -0700

Thanks very much,
It appears to have done the trick, at least on x86_64. I wish I could get the 
i386 grsec kernel too boot so I could test it there too! :-).
John A.
-----Original Message-----
From: Keir Fraser [mailto:Keir.Fraser@xxxxxxxxxxxx] 
Sent: Tuesday, June 27, 2006 2:02 AM
To: John Anderson
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] grsecurity +XEN w/o HVM
> I surrounded the tss_struct declaration and the 
> tss->esp0/current->thread.esp0 assignments with #ifdef 
> CONFIG_X86_NO_TSS lines to get the kernel to compile.  That completely 
> defeats the purpose of this function which is to randomize the kernel 
> stack.  What is available in Xen that is comparable to the capacity 
> that struct tss_struct is used in if CONFIG_X86_NO_TSS is defined?
>  
> Any ideas would be greatly appreciated.
>  
Only the declaration and uses of the 'tss' local variable should be 
CONFIG_X86_NO_TSS. You'll still need to modify current->thread.esp0, 
and then execute HYPERVISOR_stack_switch(KERNEL_DS, 
current->thread.esp0).
 -- Keir
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

To:	<xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject:	RE: [Xen-devel] grsecurity +XEN w/o HVM
From:	"John Anderson" <johnha@xxxxxxxxxx>
Date:	2006年6月27日 11:29:02 -0700
Delivery-date:	2006年6月27日 11:29:27 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcaZyFPnSs7DRVtfR0+M/OnuIIw03wATwolg
Thread-topic:	[Xen-devel] grsecurity +XEN w/o HVM

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] grsecurity +XEN w/o HVM , John Anderson Re: [Xen-devel] grsecurity +XEN w/o HVM , Keir Fraser RE: [Xen-devel] grsecurity +XEN w/o HVM, John Anderson <=

Previous by Date:	Re: [Xen-devel] Re: [rfc] [patch] grant_entry.flags accessors , Jimi Xenidis
Next by Date:	[Xen-devel] Migration filesystem coherency? , John Byrne
Previous by Thread:	Re: [Xen-devel] grsecurity +XEN w/o HVM , Keir Fraser
Next by Thread:	[Xen-devel] [PATCH][RESEND]Xenoprof passive domain support , Yang, Xiaowei
Indexes:	[Date] [Thread] [Top] [All Lists]

WARNING - OLD ARCHIVES

xen-devel

RE: [Xen-devel] grsecurity +XEN w/o HVM