UML write-protects most kernel memory on exit from kernel and write-enables it on kernel entry
- Two pages at start of executable
- One page of static data
- Three pages of kernel stack
The UML kernel is mapped into the address spaces of its processes. Because of the performance impact of protecting kernel memory from userspace, it is mapped writable by default. In 'jail' mode (or 'honeypot' mode, which enables 'jail' if necessary), it is write-protected whenever the process is running in userspace.
There are some exceptions: some can be fixed but don't seem exploitable, and one (the kernel stack) is not fixable given the current capabilities of the host Linux, but is not exploitable.
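The toggle described above can be sketched on a Linux host with mprotect(). This is an added illustration, not UML's own code: the names kmem, kernel_entry, kernel_exit and write_probe are hypothetical, and a single anonymous page stands in for the kernel data mapped into a process.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* for MAP_ANONYMOUS under strict -std modes */
#endif
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

static char *kmem;                 /* hypothetical stand-in for mapped kernel data */
static size_t kmem_len;

int kmem_init(void)
{
    kmem_len = (size_t)sysconf(_SC_PAGESIZE);
    kmem = mmap(NULL, kmem_len, PROT_READ | PROT_WRITE,
                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return kmem == MAP_FAILED ? -1 : 0;
}

/* Write-enable on kernel entry, write-protect on exit to userspace. */
int kernel_entry(void) { return mprotect(kmem, kmem_len, PROT_READ | PROT_WRITE); }
int kernel_exit(void)  { return mprotect(kmem, kmem_len, PROT_READ); }

/* Attempt a write from a forked child so a fault cannot kill the caller.
 * Returns 1 if the write succeeded, 0 if it faulted, -1 on any other outcome. */
int write_probe(void)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        *(volatile char *)kmem = 'X';   /* faults while the page is read-only */
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
        return 1;
    if (WIFSIGNALED(status) &&
        (WTERMSIG(status) == SIGSEGV || WTERMSIG(status) == SIGBUS))
        return 0;
    return -1;
}

int main(void)
{
    if (kmem_init() != 0 || kernel_exit() != 0)
        return 1;
    printf("write in userspace mode: %d\n", write_probe());
    if (kernel_entry() != 0)
        return 1;
    printf("write in kernel mode:    %d\n", write_probe());
    return 0;
}
```

Each call to kernel_entry or kernel_exit is a host system call, which is the kind of per-transition cost behind the performance impact mentioned above.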