| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jLC3u2DNRPRrDONm=iQ7y4-bLs4+J1VTt6_NqAkrmrkTw@mail.gmail.com> Date: Mon, 9 Mar 2015 17:03:40 -0700 From: Kees Cook <keescook@...omium.org> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: Dave Hansen <dave@...1.net>, Andrew Morton <akpm@...ux-foundation.org>, "Theodore Ts'o" <tytso@....edu>, Oleg Nesterov <oleg@...hat.com>, LKML <linux-kernel@...r.kernel.org>, Dave Hansen <dave.hansen@...ux.intel.com> Subject: Re: [RFC][PATCH 1/2] fs proc: make pagemap a privileged interface On Mon, Mar 9, 2015 at 4:43 PM, Eric W. Biederman <ebiederm@...ssion.com> wrote: > > A 1 to 1 blinding function like integer multiplication mudulo 2^32 by an > appropriate random number ought to keep from revealing page numbers or > page ajacencies while not requiring any changes in userspace. > > That way the revealed pfn and the physcial pfn would be different but > you could still use pagemap for it's intended purpose. If this could be done in a way where it was sufficiently hard to expose the random number, we should absolutely do this. And this could be done for socket handles in INET_DIAG too. We have a lot of these kinds of "handle" leaks where the handle's can be regarded as private information leakage. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists