lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20070402132820.GA28983@one.firstfloor.org>
Date:	Mon, 2 Apr 2007 15:28:20 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	Tasos Parisinos <t.parisinos@...ensis.com>
Cc:	Andi Kleen <andi@...stfloor.org>, herbert@...dor.apana.org.au,
	linux-kernel@...r.kernel.org, randy.dunlap@...cle.com, indan@....nu
Subject: Re: [PATCH resend][CRYPTO]: RSA algorithm patch

> The main purpose behind the creation of this module was to create the
> cryptographic infrastructure to develop an in-kernel system of signed
> modules.

So how do you plan to close the various interfaces that allow access to kernel
memory? 

I would suggest to discuss the high level design first before submitting
code. 

> 
> The best environment to deploy such functionality is in updating by remote,
> executable code (programs, libs and modules) on embedded devices running
> Linux, that have some form of kernel physical security, so one can't 

How would that physical security look like? Would it include DMA
protection?

For example to do any useful form of graphics you need
user controllable DMA, which can normally touch everything.
There are various other similar "backdoors" for root.

I'm somewhat sceptical because all kernels will need access
to the direct mapping to operate and there are also various
interfaces that can be as root (ab)used to change it.

And when you can do that they can change function pointers
and jump to arbitary code or change the kernel page tables
and map arbitary code.

Disallowing all this would probably end up with a quite
useless kernel. 

> There are already some systems that implement and utilize such 
> functionality that
> use windows platforms, and other Linux distros that use userland 

Yes, at least the Vista variant was just broken. And its designers spent
a lot of effort on it, but it didn't help.

-Andi

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ