[RFC, PATCH] x86_64: KAISER - do not map kernel in user mode https://lkml.org/lkml/2017/5/4/220 … @mlqxyz @misc0110 @BloodyTangerine #ESSoS17 #ruhrsec
https://gist.github.com/thejh/b8be219d48084630ec0aed41ee71aee2 … user-mode pagetables of a 64-bit Xen PV guest. you can see that the hypervisor is mapped, but the guest kernel isn't
yes. that is exactly the problem, that the hypervisor is mapped. we're attacking the hypervisor, not the guest kernel...
my point is that to support 64-bit Xen PV, the kernel already has logic for splitting pagetables like this, and you might want to reuse that
(and it has to be that way because guest user and guest kernel run in the same ring)