Message-ID: <20101119191906.GA31760@xanatos>
Date: Fri, 19 Nov 2010 11:19:06 -0800
From: Sarah Sharp <sarah.a.sharp@...ux.intel.com>
To: Marcus Meissner <meissner@...e.de>
Cc: torvalds@...ux-foundation.org, linux-kernel@...r.kernel.org,
tj@...nel.org, akpm@...l.org, hpa@...or.com, mingo@...e.hu,
w@....eu, alan@...rguk.ukuu.org.uk
Subject: Re: [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of
attacking

On Tue, Nov 16, 2010 at 11:46:03AM +0100, Marcus Meissner wrote:
> Hi,
>
> Making /proc/kallsyms readable only for root makes it harder
> for attackers to write generic kernel exploits by removing
> one source of knowledge where things are in the kernel.
>
> This is the second submit, discussion happened on this on first submit
> and mostly concerned that this is just one hole of the sieve ... but
> one of the bigger ones.
>
> Changing the permissions of at least System.map and vmlinux is
> also required to fix the same set, but a packaging issue.
>
> Target of this starter patch and follow ups is removing any kind of
> kernel space address information leak from the kernel.
>
> Ciao, Marcus
>
> Signed-off-by: Marcus Meissner <meissner@...e.de>
> Acked-by: Tejun Heo <tj@...nel.org>
> Acked-by: Eugene Teo <eugeneteo@...nel.org>
> Reviewed-by: Jesper Juhl <jj@...osbits.net>

On Wednesday, I updated my branch to commit 460781b from Linus' tree,
and my box would not boot. klogd segfaulted, which stalled the whole
system.

At first I thought it actually hung the box, but it continued booting
after 5 minutes, and I was able to log in. It dropped back to the text
console instead of the graphical bootup display for that period of time.

dmesg surprisingly still works. I've bisected the problem down to this
commit (commit 59365d136d205cc20fe666ca7f89b1c5001b0d5a in
linus/master).

.config and dmesg are attached. The box is running klogd 1.5.5ubuntu3
(from Jaunty). Yes, I know that's old. I read the bit in the commit
about changing the permissions of kallsyms after boot, but if I can't
boot that doesn't help. Perhaps this can be made a configuration
option?

Sarah Sharp

View attachment ".config-broadway" of type "text/plain" (106822 bytes)
View attachment "klogd-segfault-2010-11-17-17-04.log" of type "text/plain" (65134 bytes)