| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <AANLkTikQxOgYFLbc2KbEKgRYL1RCnkPE-T80-GBY2Cgj@mail.gmail.com>
Date: Sat, 5 Mar 2011 00:14:57 +0200
From: Pekka Enberg <penberg@...nel.org>
To: Dan Rosenberg <drosenberg@...curity.com>
Cc: Matt Mackall <mpm@...enic.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Dave Hansen <dave@...ux.vnet.ibm.com>,
Theodore Tso <tytso@....edu>, cl@...ux-foundation.org,
linux-mm@...ck.org, linux-kernel@...r.kernel.org,
Ingo Molnar <mingo@...e.hu>,
Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH] Make /proc/slabinfo 0400
On Sat, Mar 5, 2011 at 12:10 AM, Pekka Enberg <penberg@...nel.org> wrote:
> I can think of four things that will make things harder for the
> attacker (in the order of least theoretical performance impact):
>
> (1) disable slub merging
>
> (2) pin down random objects in the slab during setup (i.e. don't
> allow them to be allocated)
>
> (3) randomize the initial freelist
>
> (4) randomize padding between objects in a slab
>
> AFAICT, all of them will make brute force attacks using the kernel
> heap as an attack vector harder but won't prevent them.
There's also a fifth one:
(5) randomize slab page allocation order
which will make it harder to make sure you have full control over a
slab and figure out which allocation lands on it.
Pekka
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists