[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090506205243.GC31071@waste.org>
Date: Wed, 6 May 2009 15:52:43 -0500
From: Matt Mackall <mpm@...enic.com>
To: Ingo Molnar <mingo@...e.hu>
Cc: "Eric W. Biederman" <ebiederm@...ssion.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Arjan van de Ven <arjan@...radead.org>,
Jake Edge <jake@....net>, security@...nel.org,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
James Morris <jmorris@...ei.org>,
linux-security-module@...r.kernel.org,
Eric Paris <eparis@...hat.com>,
Alan Cox <alan@...rguk.ukuu.org.uk>,
Roland McGrath <roland@...hat.com>, mingo@...hat.com,
Andrew Morton <akpm@...ux-foundation.org>,
Greg KH <greg@...ah.com>, Dave Jones <davej@...hat.com>
Subject: Re: [Security] [PATCH] proc: avoid information leaks to non-privileged processes
On Wed, May 06, 2009 at 10:25:17PM +0200, Ingo Molnar wrote:
>
> * Matt Mackall <mpm@...enic.com> wrote:
>
> > On Wed, May 06, 2009 at 12:30:34PM +0200, Ingo Molnar wrote:
> > > (Also, obviously "only" covering 95% of the Linux systems has its
> > > use as well. Most other architectures have their own cycle counters
> > > as well.)
> >
> > X86 might be 95% of desktop. But it's a small fraction of Linux
> > systems once you count cell phones, video players, TVs, cameras,
> > GPS devices, cars, routers, etc. almost none of which are
> > x86-based. In fact, just Linux cell phones (with about an 8% share
> > of a 1.2billion devices per year market) dwarf Linux desktops
> > (maybe 5% of a 200m/y market).
>
> Firstly, the cycle counter is just one out of several layers there.
> So it's a hyperbole to suggest that i'm somehow not caring about
> architectures that dont have a cycle counter. I'm simply making use
> of a cheaply accessed and fast-changing variable on hw that has it.
Whatever, I've never argued against TSC being beneficial. But it sure
as hell is not sufficient. Your original claim that this attack was
not possible in your original code: still bogus.
> Also, are those systems really going to be attacked locally,
> brute-forcing a PRNG?
Yes[1], even though my point was mostly to shoot down your bogus
statistic for reasons unrelated to this discussion. If you want to
make a new claim that '95% of Linux systems interesting to Ingo are
x86', I won't argue with that.
[1] 95% of security holes are caused by developer failures of imagination.
--
Mathematics is the supreme nostalgia of our time.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists