| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Dec 2014 12:00:17 -0800 From: Andy Lutomirski <luto@...capital.net> To: Jiri Kosina <jkosina@...e.cz> Cc: Hector Marco Gisbert <hecmargi@....es>, Cyrill Gorcunov <gorcunov@...nvz.org>, Pavel Emelyanov <xemul@...allels.com>, Catalin Marinas <catalin.marinas@....com>, Heiko Carstens <heiko.carstens@...ibm.com>, Oleg Nesterov <oleg@...hat.com>, Ingo Molnar <mingo@...hat.com>, Anton Blanchard <anton@...ba.org>, Russell King - ARM Linux <linux@....linux.org.uk>, "H. Peter Anvin" <hpa@...or.com>, David Daney <ddaney.cavm@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, Arun Chandran <achandran@...sta.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Martin Schwidefsky <schwidefsky@...ibm.com>, Ismael Ripoll <iripoll@...ca.upv.es>, Christian Borntraeger <borntraeger@...ibm.com>, Thomas Gleixner <tglx@...utronix.de>, Hanno Böck <hanno@...eck.de>, Will Deacon <will.deacon@....com>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Kees Cook <keescook@...omium.org>, Reno Robert <renorobert@...il.com> Subject: Re: [PATCH] ASLRv3: randomize_va_space=3 preventing offset2lib attack On Mon, Dec 22, 2014 at 11:49 AM, Jiri Kosina <jkosina@...e.cz> wrote: > On Mon, 22 Dec 2014, Andy Lutomirski wrote: > >> a. With PIE executables, the offset from the executable to the >> libraries is constant. This is unfortunate when your threat model >> allows you to learn the executable base address and all your gadgets >> are in shared libraries. > > When I was originally pushing PIE executable randomization, I have been > thinking about ways to solve this. > > In theory, we could start playing games with load_addr in > load_elf_interp() and randomizing it completely independently from mmap() > base randomization, but the question is whether it's really worth the > hassle and binfmt_elf code complication. I am not convinced. It could be worth having a mode that goes all out: randomize every single allocation independently in, say, a 45 or 46-byte range. That would be about as strong ASLR as we could possibly have, it would result in guard intervals around mmap data allocations (which has real value), and it would still leave plenty of space for big address space hogs like the Chromium sandbox. The main downside would be lots of memory used for page tables. --Andy > > -- > Jiri Kosina > SUSE Labs -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists