| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 27 Dec 2011 16:48:17 -0800 From: Randy Dunlap <rdunlap@...otime.net> To: Andrew Morton <akpm@...ux-foundation.org> CC: Cyrill Gorcunov <gorcunov@...nvz.org>, linux-kernel@...r.kernel.org, Pavel Emelyanov <xemul@...allels.com>, Glauber Costa <glommer@...allels.com>, Andi Kleen <andi@...stfloor.org>, Tejun Heo <tj@...nel.org>, Matt Helsley <matthltc@...ibm.com>, Pekka Enberg <penberg@...nel.org>, Eric Dumazet <eric.dumazet@...il.com>, Vasiliy Kulikov <segoon@...nwall.com>, Alexey Dobriyan <adobriyan@...il.com> Subject: Re: [patch 1/4] Add routine for generating an ID for kernel pointer On 12/27/2011 03:33 PM, Andrew Morton wrote: > On Fri, 23 Dec 2011 16:47:42 +0400 > Cyrill Gorcunov <gorcunov@...nvz.org> wrote: > >> The routine XORs the given pointer with a random value >> producing an ID (32 or 64 bit, depending on the arch). >> >> Since it's a valuable information -- only CAP_SYS_ADMIN >> is allowed to obtain it. >> >> - Tejun worried about the single poison value was a weak side - >> leaking one makes all the IDs vulnerable. To address this >> several poison values - one per object type - are introduced. >> They are stored in a plain array. >> - Pekka proposed to initialized poison values in the late_initcall callback >> - ... and move the code to mm/util.c >> >> ... >> > > The code in general looks simple and reasonable to me. I'm too much of > a security weenie to pass judgement on the security aspects. > >> >> ... >> >> --- linux-2.6.git.orig/mm/Kconfig >> +++ linux-2.6.git/mm/Kconfig >> @@ -373,3 +373,19 @@ config CLEANCACHE >> in a negligible performance hit. >> >> If unsure, say Y to enable cleancache >> + >> +config GENERIC_OBJECT_ID >> + bool "Enable generic object ID infrastructure" >> + depends on CHECKPOINT_RESTORE > > Is c/r useless without GENERIC_OBJECT_ID? If so, perhaps a `select' > would be good here. Is GENERIC_OBJECT_ID useful elsewhere? If so, then it shouldn't depend on CHECKPOINT_RESTORE -- it should just live in lib/ instead of in mm/ and CHECKPOINT_RESTORE should select it. >> + default n >> + help >> + Turn on the functionality that can generate IDs for kernel >> + objects, which are exported to userspace via /proc filesystem. >> + >> + It is useful if you need to examinate kernel objects and test >> + if they are shared between several tasks. These IDs should never >> + be used for anything but the "sameness" test. Besides, the IDs are >> + dynamic and valid only while object is alive, once it get freed or >> + kernel is rebooted -- the IDs will be changed. >> + >> + If unsure, say N here. -- ~Randy *** Remember to use Documentation/SubmitChecklist when testing your code *** -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists