want a means to forbid mappings around NULL
A security-flag (see #7029) is desired to forbid processes to create mappings around NULL ((void *)0), to act in the spirit of SMEP/SMAP on systems without this feature in hardware.
We should protect a block of memory beginning at 0x0, rather than just 0x0, such that we cover must references to members of a NULL structure ((foo_t *)0)->bar.
Updated by Electric Monk about 4 years ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit d2a70789f056fc6c9ce3ab047b52126d80b0e3da Author: Richard Lowe <email@example.com> Date: 2016-10-15T16:02:16.000Z 7029 want per-process exploit mitigation features (secflags) 7030 want basic address space layout randomization (ASLR) 7031 noexec_user_stack should be a security-flag 7032 want a means to forbid mappings around NULL Reviewed by: Robert Mustacchi <firstname.lastname@example.org> Reviewed by: Josef 'Jeff' Sipek <email@example.com> Reviewed by: Patrick Mooney <firstname.lastname@example.org> Approved by: Dan McDonald <email@example.com>