| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1430774218-5311-1-git-send-email-anisse@astier.eu> Date: Mon, 4 May 2015 23:16:54 +0200 From: Anisse Astier <anisse@...ier.eu> To: unlisted-recipients:; (no To-header on input) Cc: Anisse Astier <anisse@...ier.eu>, Andrew Morton <akpm@...ux-foundation.org>, Mel Gorman <mgorman@...e.de>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, David Rientjes <rientjes@...gle.com>, Alan Cox <gnomes@...rguk.ukuu.org.uk>, Linus Torvalds <torvalds@...ux-foundation.org>, Peter Zijlstra <peterz@...radead.org>, PaX Team <pageexec@...email.hu>, Brad Spengler <spender@...ecurity.net>, Kees Cook <keescook@...omium.org>, Andi Kleen <andi@...stfloor.org>, linux-mm@...ck.org, linux-kernel@...r.kernel.org Subject: [PATCH v2 0/4] Sanitizing freed pages Hi, I'm trying revive an old debate here[1], though with a simpler approach than was previously tried. This patch series implements a new option to sanitize freed pages, a (very) small subset of what is done in PaX/grsecurity[3], inspired by a previous submission [4]. The first patch is fairly independent, and could be taken as-is. The second is the meat and should be straight-forward to review. There are a few different uses that this can cover: - some cases of use-after-free could be detected (crashes), although this not as efficient as KAsan/kmemcheck - it can help with long-term memory consumption in an environment with multiple VMs and Kernel Same-page Merging on the host. [2] - finally, it can reduce infoleaks, although this is hard to measure. The approach is voluntarily kept as simple as possible. A single configuration option, no command line option, no sysctl nob. It can of course be changed, although I'd be wary of runtime-configuration options that could be used for races. I haven't been able to measure a meaningful performance difference when compiling a (in-cache) kernel; I'd be interested to see what difference it makes with your particular workload/hardware (I suspect mine is CPU-bound on this small laptop). Changes since v1: - fix some issues raised by David Rientjes, Andi Kleen and PaX Team. - add hibernate fix (third patch) - add debug code, this is "just in case" someone has an issue with this feature. Not sure if it should be merged. [1] https://lwn.net/Articles/334747/ [2] https://staff.aist.go.jp/k.suzaki/EuroSec12-SUZAKI-revised2.pdf [3] http://en.wikibooks.org/wiki/Grsecurity/Appendix/Grsecurity_and_PaX_Configuration_Options#Sanitize_all_freed_memory [4] http://article.gmane.org/gmane.linux.kernel.mm/34398 Anisse Astier (4): mm/page_alloc.c: cleanup obsolete KM_USER* mm/page_alloc.c: add config option to sanitize freed pages PM / Hibernate: fix SANITIZE_FREED_PAGES mm: Add debug code for SANITIZE_FREED_PAGES kernel/power/hibernate.c | 7 ++++++- kernel/power/power.h | 4 ++++ kernel/power/snapshot.c | 24 ++++++++++++++++++++++ mm/Kconfig | 22 ++++++++++++++++++++ mm/page_alloc.c | 52 ++++++++++++++++++++++++++++++++++-------------- 5 files changed, 93 insertions(+), 16 deletions(-) -- 1.9.3 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists