@kees_cook The ARM implementations of KERNEXEC and UDEREF would be a good place to start. Insignificant performance hit and no segmentation.
-
-
-
@kees_cook Linus probably wouldn't veto using ARM memory domains as he will with segmentation. -
@kees_cook Well, maybe@grsecurity (spender) would be willing to review your changes and sign off on stuff. Google could just pay for it. -
@kees_cook@grsecurity Could just do it via https://www.google.com/about/appsecurity/patch-rewards/ … if you wanted to skip the business side bureaucracy. -
@kees_cook There seems to be an assumption that@grsecurity and@paxteam aren't willing to help upstream stuff, but has anyone asked? -
@CopperheadSec@grsecurity@paxteam Yup, I asked already. The reply was mostly that they already made their decision to avoid upstream pain. -
@kees_cook@grsecurity@paxteam Seems like it would be different if they were simply being paid to split out features for say ChromeOS. - 2 more replies
New conversation -
-
-
@kees_cook Yeah, I'll just use grsec.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.