Date:	Tue, 21 Jan 2014 15:14:19 +0100
From:	Ingo Molnar <mingo@...nel.org>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Adrian Hunter <adrian.hunter@...el.com>,
	Arnaldo Carvalho de Melo <acme@...radead.org>,
	Arnaldo Carvalho de Melo <acme@...stprotocols.net>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Cong Ding <dinggnu@...il.com>,
	"H. Peter Anvin" <hpa@...ux.intel.com>,
	Ingo Molnar <mingo@...e.hu>, Kees Cook <keescook@...omium.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Mathias Krause <minipli@...glemail.com>,
	Michael Davidson <md@...gle.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Wei Yongjun <yongjun_wei@...ndmicro.com.cn>
Subject: Re: [GIT PULL] x86/kaslr for v3.14


* H. Peter Anvin <hpa@...or.com> wrote:

> On 01/21/2014 06:03 AM, Ingo Molnar wrote:
> > 
> > * H. Peter Anvin <hpa@...or.com> wrote:
> > 
> >> On 01/21/2014 02:27 AM, Ingo Molnar wrote:
> >>>
> >>> Hm, live annotation of the kernel image is a relatively new perf 
> >>> feature, and KASLR predated that (by years) - which would at least in 
> >>> part explain why it went unnoticed. (Although it does not excuse the 
> >>> lack of testing.)
> >>
> >> kASLR is new, but on 32 bits we have relocated the kernel for a long 
> >> time. [...]
> > 
> > I doubt many people develop on 32-bit x86, and the group of people 
> > looking at annotated 32-bit assembly kernel profiles ought to be 
> > another order of magnitude smaller than that ...
> 
> Yes... I was commenting on the statement that "kASLR predated that 
> by years".  It hasn't been common.

Ah, I didn't mean to suggest that it's an old upstream feature: what I 
mean is that the KASLR patch is pretty old, and it has been deployed 
by the Chromium guys for quite some time, and by others?

It was just never combined with perf live annotation which is a recent 
perf feature.

Anyway ... I suspect it's the fixing of the bug that matters most, not 
its genealogy ;)

Thanks,

	Ingo