Mastodon Feed: Post

Boosted by kornel ("Kornel"):
ezhes_@mastodon.online ("Allison Husain") wrote:

/2 The trick behind this mitigation is to use the compiler to clamp all pointer offset operations in kernel code to a magnitude of less than 4GB. If you feel like grepping, the specific codegen for this clamp operation currently uses a special 0x2BAD poisoning pattern in the top 16 bits when the magnitude exceeds 4GB.

With some VA layout tricks to inject large 4GB unmapped gutters between major kernel VA regions, this has some delightful consequences.
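Added example, not from the post and not the actual kernel or compiler codegen: a C model of the clamp described above, run against a constructed VA layout with a 4GB gutter between two regions. The 4GB limit and the 0x2BAD top-16-bit pattern come from the post; that the poisoned value keeps the low 48 bits of the unclamped sum, and the region addresses and sizes, are assumptions of this model.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants from the post: 4GB magnitude limit and the 0x2BAD poison pattern. */
#define OFFSET_LIMIT   (1ULL << 32)
#define POISON_PATTERN 0x2BADULL
#define LOW48_MASK     0x0000FFFFFFFFFFFFULL

/* Constructed VA layout (hypothetical, not the real kernel map):
 * region A, then a 4GB unmapped gutter, then region B. */
#define REGION_A_START 0x100000000000ULL                 /* 2^44, top 16 bits clear */
#define REGION_A_END   (REGION_A_START + 0x40000000ULL)  /* 1GB region */
#define GUTTER_END     (REGION_A_END + OFFSET_LIMIT)     /* 4GB gutter */
#define REGION_B_START GUTTER_END
#define REGION_B_END   (REGION_B_START + 0x40000000ULL)

/* Absolute value of a signed offset, safe for INT64_MIN. */
static uint64_t magnitude(int64_t off) {
    return off < 0 ? (uint64_t)(-(off + 1)) + 1ULL : (uint64_t)off;
}

/* Model of the compiler-emitted clamp: apply the offset when its magnitude is
 * below 4GB; otherwise return a poisoned pointer with 0x2BAD in the top 16 bits.
 * Keeping the low 48 bits of the unclamped sum is an assumption of this model. */
uint64_t clamped_add(uint64_t base, int64_t off) {
    uint64_t sum = base + (uint64_t)off;  /* unsigned wrap handles negative offsets */
    if (magnitude(off) >= OFFSET_LIMIT)
        return (sum & LOW48_MASK) | (POISON_PATTERN << 48);
    return sum;
}

/* True when the top 16 bits carry the poison pattern. */
int is_poisoned(uint64_t p) { return (p >> 48) == POISON_PATTERN; }

/* Classify an address against the constructed layout:
 * 'P' poisoned, 'A'/'B' inside a region, 'G' in the gutter, 'U' elsewhere. */
char classify(uint64_t p) {
    if (is_poisoned(p)) return 'P';
    if (p >= REGION_A_START && p < REGION_A_END) return 'A';
    if (p >= REGION_A_END && p < GUTTER_END) return 'G';
    if (p >= REGION_B_START && p < REGION_B_END) return 'B';
    return 'U';
}

/* Largest un-poisoned address reachable by one clamped offset from inside A.
 * Because the gutter is at least as wide as the clamp limit, this always lands
 * short of region B: the result is in A, in the unmapped gutter, or poisoned. */
uint64_t max_reachable_from_a(void) {
    return clamped_add(REGION_A_END - 1, (int64_t)(OFFSET_LIMIT - 1));
}

int main(void) {
    uint64_t in_a  = clamped_add(REGION_A_START, 0x100);
    uint64_t big   = clamped_add(REGION_A_START, (int64_t)OFFSET_LIMIT);
    uint64_t maxr  = max_reachable_from_a();
    printf("small offset  -> 0x%016llx (%c)\n", (unsigned long long)in_a, classify(in_a));
    printf("4GB offset    -> 0x%016llx (%c)\n", (unsigned long long)big, classify(big));
    printf("max reachable -> 0x%016llx (%c), region B starts at 0x%016llx\n",
           (unsigned long long)maxr, classify(maxr), (unsigned long long)REGION_B_START);
    return 0;
}
```

The useful check is the last one: with the clamp limit equal to the gutter width, no single in-bounds offset from region A can produce an address inside region B, which is the property the layout trick relies on.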