lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 15 Aug 2017 09:42:37 -0400
From:   Rik van Riel <riel@...hat.com>
To:     Jordan Glover <Golden_Miller83@...tonmail.ch>,
        Ingo Molnar <mingo@...nel.org>
Cc:     Thomas Garnier <thgarnie@...gle.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        Peter Zijlstra <peterz@...radead.org>,
        Arnd Bergmann <arnd@...db.de>,
        Tom Lendacky <thomas.lendacky@....com>,
        Andy Lutomirski <luto@...nel.org>,
        Len Brown <len.brown@...el.com>, Pavel Machek <pavel@....cz>,
        Tejun Heo <tj@...nel.org>, Christoph Lameter <cl@...ux.com>,
        Chris Metcalf <cmetcalf@...lanox.com>,
        Markus Trippelsdorf <markus@...ppelsdorf.de>,
        Kees Cook <keescook@...omium.org>,
        David Howells <dhowells@...hat.com>,
        Waiman Long <longman@...hat.com>,
        Peter Foley <pefoley2@...oley.com>,
        Tim Chen <tim.c.chen@...ux.intel.com>,
        Ard Biesheuvel <ard.biesheuvel@...aro.org>,
        Michal Hocko <mhocko@...e.com>,
        "H . J . Lu" <hjl.tools@...il.com>,
        Daniel Micay <danielmicay@...il.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: Re: [kernel-hardening] Re: x86: PIE support and option to extend
 KASLR randomization

On Tue, 2017-08-15 at 08:15 -0400, Jordan Glover wrote:
> Hello,
> I write to put different perspective into the topic. I'm glad that
> kernel developers care about performance optimizations and I see how
> 10% overhead can be a problem for some. On the other hand last ten
> years gave us 1000% faster hardware which trumps anything software
> can do. For many users like us performance isn't a problem, we have
> plenty of it and if we haven't we can buy it. It can be money
> problem, not software engineering problem.

CPUs stopped getting faster at a dramatic rate, though,
while network cards continue to get faster.

In some areas, the kernel is more squeezed for CPU cycles
today than it has ever been before.

Ingo is suggesting that the security enhancement be
implemented in a way that doesn't come with a 10% performance
gain. There are other ways to relocate a kernel than with PIE.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ