| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Nov 2010 10:04:15 +0100 From: Ingo Molnar <mingo@...e.hu> To: Kees Cook <kees.cook@...onical.com>, matthieu castet <castet.matthieu@...e.fr> Cc: Siarhei Liakh <sliakh.lkml@...il.com>, Rusty Russell <rusty@...tcorp.com.au>, linux-kernel@...r.kernel.org, Linus Torvalds <torvalds@...ux-foundation.org>, "H. Peter Anvin" <hpa@...or.com>, Thomas Gleixner <tglx@...utronix.de>, Arjan van de Ven <arjan@...radead.org>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [Security] proactive defense: using read-only memory, RO/NX modules * Kees Cook <kees.cook@...onical.com> wrote: > Hi, > > On Mon, Nov 08, 2010 at 07:13:24AM +0100, Ingo Molnar wrote: > > * Kees Cook <kees.cook@...onical.com> wrote: > > > While Dan Rosenberg is working to make things harder to locate potential targets > > > in the kernel through fixing kernel address leaks[1], I'd like to approach a > > > related proactive security measure: enforcing read-only memory for things that > > > would make good targets. > > > > Nice! IMHO we need more of that. (If the readonly section gets big enough in > > practice we could perhaps even mark it large-page in the future. It could serve as > > an allocator to module code as well - that would probably be a speedup even for > > modules.) > > Well, I can try to extract and send what PaX does, but it seems relatively > incompatible with the existing system that uses set_kernel_text_rw() and > friends. > > > > - Modules need to be correctly marked RO/NX. This patch exists[3], but is > > > not in mainline. It needs to be in mainline. > > [...] > > > > > > [3] http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-tip.git;a=commitdiff;h=65187d24fa3ef60f691f847c792e8eaca7e19251 > > > > The reason the RO/NX patch from Siarhei Liakh is not upstream yet is rather mundane: > > it introduced regressions - it caused boot crashes on one of my testboxes. > > > > But there is no fundamental reason why it shouldnt be upstream. We can push it > > upstream if the crashes are resolved and if it gets an Ack from Rusty or Linus > > for the module bits. > > Oh, well, yes, that's a good reason. :) Where was this covered? I'd like to help > get it reproduced and ironed out. Matthieu Castet seems to have dusted off those patches and submitted two of them in this mail: Subject: [RFC] reworked NX protection for kernel data Matthieu, are you still interested in this topic? The original, broken patches were these -tip commits: 1e858c081af5: x86, mm: RO/NX protection for loadable kernel modules 18c60ddc9eff: x86, mm: NX protection for kernel data c226a2feba21: x86, mm: Set first MB as RW+NX b29d530510d4: x86, mm: Correcting improper large page preservation I reported one of the crashes in: Subject: Re: [tip:x86/mm] x86, mm: Set first MB as RW+NX on lkml. Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists