On Mon Feb 6 21:50:45 2023 +0000, Steve Schnepp wrote:
Oh, but it looked actually very similar to how `gettimeofday()` is implemented in Linux.
The KUSER_SHARED_DATA structure is a single page (4096 bytes) in
memory that is mapped at a fixed, hardcoded address in both kernel and user side of VAS. KUSER_SHARED_DATA is mapped into every process and provides a quick mechanism to obtain frequently needed global data (interrupt time, version, debugger state, processor extensions, etc.) from the kernel without involving user-kernel mode switching using system calls or interrupts from https://msrc-blog.microsoft.com/2022/04/05/randomizing-the-kuser_shared_data... On that page, there's even some discussion at _what_ will break and how to move it out. TLDR: you cannot :disappointed:
Actually, you are right and I'm wrong.
vDSO is randomized, vsyscall is the static version.
Also, in Linux a full function is provided, whereas in win32 only the values are provided, relying on header macros to fetch the correct values.
Amending also.