| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.DEB.2.02.1105271141020.30828@asgard.lang.hm> Date: Fri, 27 May 2011 11:48:14 -0700 (PDT) From: david@...g.hm To: Ingo Molnar <mingo@...e.hu> cc: Linus Torvalds <torvalds@...ux-foundation.org>, Dan Rosenberg <drosenberg@...curity.com>, "Rafael J. Wysocki" <rjw@...k.pl>, Tony Luck <tony.luck@...il.com>, linux-kernel <linux-kernel@...r.kernel.org>, davej@...hat.com, kees.cook@...onical.com, davem@...emloft.net, eranian@...gle.com, adobriyan@...il.com, penberg@...nel.org, hpa@...or.com, Arjan van de Ven <arjan@...radead.org>, Andrew Morton <akpm@...ux-foundation.org>, Valdis.Kletnieks@...edu, pageexec@...email.hu Subject: Re: [RFC][PATCH] Randomize kernel base address on boot On Fri, 27 May 2011, Ingo Molnar wrote: I don't think these two new images are as important as you are tagging them. I would put them down with the 'protect the system from root' type of issues. > - Boot time dynamic randomization allows randomization of 'mass > install' systems, where the same image is used, to still be > randomized: for example a million phones all with the same Flash > ROM image and no 'install' performed at all on them. > > With static randomization these systems will all have the same > kernel addresses. there is already a need to be able to customize these systems on an individual system basis (think SSL certs or ssh keys for example) yes, this makes it a little more difficult than just 'drop this image bit for bit on the system', but it's not that hard to setup a 'the first time you boot do this stuff then reboot' step, and that step can do the 'install time' stuff. > - Boot time dynamic randomization allows read-only systems to still > be randomized: for example internet cafes that use some popular > pre-packaged kiosk-mode live-DVD. They probably wont bother > randomizing and relinking the ISOs per machine and burning per > machine DVDs ... this matters a little bit more because a script to create a custom DVD image on the fly is more difficult. however, I think this is a significantly less important target, specifically because these are read-only system images. but if someone really cares about this, they just need to create a stack of slightly different DVDs. if this can be batched up and automated it's not that big a deal. the DVDs don't really need to be per-machine, just a variety of them. David Lang -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists