From owner-freebsd-security@FreeBSD.ORG  Fri Sep 18 22:15:14 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id C0370106566B
	for <freebsd-security@freebsd.org>;
	Fri, 18 Sep 2009 22:15:14 +0000 (UTC) (envelope-from drosih@rpi.edu)
Received: from smtp5.server.rpi.edu (smtp5.server.rpi.edu [128.113.2.225])
	by mx1.freebsd.org (Postfix) with ESMTP id 0C7DF8FC0C
	for <freebsd-security@freebsd.org>;
	Fri, 18 Sep 2009 22:15:13 +0000 (UTC)
Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47])
	by smtp5.server.rpi.edu (8.13.1/8.13.1) with ESMTP id n8IL0Ngu020233;
	Fri, 18 Sep 2009 17:00:25 -0400
Mime-Version: 1.0
Message-Id: <p06240802c6d9a4c04761@[128.113.24.47]>
In-Reply-To: <20090919.001313.110616099.hdk_2@yahoo.co.jp>
References: <4AAF4A64.3080906@thedarkside.nl>
	<20090919.001313.110616099.hdk_2@yahoo.co.jp>
Date: Fri, 18 Sep 2009 17:00:22 -0400
To: Hideki EIRAKU <hdk_2@yahoo.co.jp>, pieter@thedarkside.nl
From: Garance A Drosihn <drosih@rpi.edu>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
X-Bayes-Prob: 0.0001 (Score 0)
X-RPI-SA-Score: 0.00 () [Hold at 20.00] 22490(-25)
X-CanItPRO-Stream: outgoing
X-Canit-Stats-ID: Bayes signature not available
X-Scanned-By: CanIt (www . roaringpenguin . com) on 128.113.2.225
Cc: freebsd-security@freebsd.org
Subject: Re: Protecting against kernel NULL-pointer derefs
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Sep 2009 22:15:14 -0000

At 12:13 AM +0900 9/19/09, Hideki EIRAKU wrote:
>From: Pieter de Boer <pieter@thedarkside.nl>
>Subject: Protecting against kernel NULL-pointer derefs
>Date: Tue, 15 Sep 2009 10:03:48 +0200
>
>>  - Are there unwanted side-effects of raising VM_MIN_ADDRESS?
>
>Mapping at address 0x0 is needed by some softwares using vm86 mode.
>For example, emulators/doscmd uses vm86 mode to emulate an old DOS
>environment. In this case, the address 0x0 - 0x3ff is used for an
>interrupt vector of emulated DOS world. If VM_MIN_ADDRESS is not
>zero, doscmd doesn't work. vm86 mode is in 32bit i386 architecture
>only, not in amd64 or other architectures.

Could we:

a) alter those programs so they didn't need that vector in page 0?

or

b) provide some system call or other facility which would allow
    *that* process to use page 0?

-- 
Garance Alistair Drosehn            =   gad@gilead.netel.rpi.edu
Senior Systems Programmer           or  gad@freebsd.org
Rensselaer Polytechnic Institute    or  drosih@rpi.edu