| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1294058802.19182.28.camel@Tobias-Karnat>
Date: Mon, 03 Jan 2011 13:46:42 +0100
From: Tobias Karnat <tobias.karnat@...glemail.com>
To: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 3/3 V13] RO/NX protection for loadable kernel
> Sure. I can verify that the patch series (a) doesn't break well-behaved
> modules and (b) it *does* trigger for misbehaving modules (I sent the
> VirtualBox crew a bug report for a module that tried to write to an area
> marked executable).
This seems to be fixed by VirtualBox 4.
I applied the patchset to 2.6.36.
('All in one' patch, http://pastebin.com/raw.php?i=6CDnAkjP )
I have however noticed that after enabling;
CONFIG_DEBUG_KERNEL, CONFIG_DEBUG_RODATA and CONFIG_DEBUG_SET_MODULE_RONX
there are three "Freeing unused kernel memory" messages, is this correct?
Before applying patch:
[ 1.449499] Freeing initrd memory: 16328k freed
[ 3.336464] Freeing unused kernel memory: 844k freed
After applying patch:
[ 1.449262] Freeing initrd memory: 16328k freed
[ 3.297901] Freeing unused kernel memory: 844k freed
[ 3.311849] Write protecting the kernel read-only data: 8192k
[ 3.327592] Freeing unused kernel memory: 448k freed
[ 3.342651] Freeing unused kernel memory: 276k freed
And why does CONFIG_DEBUG_RODATA depend on CONFIG_DEBUG_KERNEL;
Isn't it primarily a security enhancement?
-Tobias
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists