[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] grsecurity +XEN w/o HVM

I surrounded the tss_struct declaration and the tss->esp0/current->thread.esp0 assignments with #ifdef CONFIG_X86_NO_TSS lines to get the kernel to compile.  That completely defeats the purpose of this function which is to randomize the kernel stack.  What is available in Xen that is comparable to the capacity that struct tss_struct is used in if CONFIG_X86_NO_TSS is defined?
Any ideas would be greatly appreciated.

Only the declaration and uses of the 'tss' local variable should be CONFIG_X86_NO_TSS. You'll still need to modify current->thread.esp0, and then execute HYPERVISOR_stack_switch(KERNEL_DS, current->thread.esp0).

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.