| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTimRN_=APe_PWMFe_6CHHC7psUbCYE-O0qc=mmYY@mail.gmail.com>
Date: Fri, 4 Mar 2011 22:02:51 +0200
From: Pekka Enberg <penberg@...nel.org>
To: Matt Mackall <mpm@...enic.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Dave Hansen <dave@...ux.vnet.ibm.com>,
Theodore Tso <tytso@....edu>,
Dan Rosenberg <drosenberg@...curity.com>,
cl@...ux-foundation.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...e.hu>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH] Make /proc/slabinfo 0400
On Fri, Mar 4, 2011 at 8:14 PM, Matt Mackall <mpm@...enic.com> wrote:
>> Of course, as you say, '/proc/meminfo' still does give you the trigger
>> for "oh, now somebody actually allocated a new page". That's totally
>> independent of slabinfo, though (and knowing the number of active
>> slabs would neither help nor hurt somebody who uses meminfo - you
>> might as well allocate new sockets in a loop, and use _only_ meminfo
>> to see when that allocated a new page).
>
> I think lying to the user is much worse than changing the permissions.
> The cost of the resulting confusion is WAY higher.
Yeah, maybe. I've attached a proof of concept patch that attempts to
randomize object layout in individual slabs. I'm don't completely
understand the attack vector so I don't make any claims if the patch
helps or not.
Pekka
View attachment "slub-randomize.patch" of type "text/x-patch" (2313 bytes)
Powered by blists - more mailing lists