[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20170920150329.GA7017@openwall.com>
Date: Wed, 20 Sep 2017 17:03:29 +0200
From: Solar Designer <solar@...nwall.com>
To: Yann Droneaud <ydroneaud@...eya.com>
Cc: riel@...hat.com, linux-kernel@...r.kernel.org,
danielmicay@...il.com, tytso@....edu, keescook@...omium.org,
hpa@...or.com, luto@...capital.net, mingo@...nel.org,
x86@...nel.org, linux-arm-kernel@...ts.infradead.org,
catalin.marinas@....com, linux-sh@...r.kernel.org,
ysato@...rs.sourceforge.jp, kernel-hardening@...ts.openwall.com
Subject: Re: [kernel-hardening] [PATCH v2 0/5] stackprotector: ascii armor the stack canary
On Wed, Sep 20, 2017 at 01:18:04PM +0200, Yann Droneaud wrote:
> Le mardi 19 septembre 2017 ?? 19:16 +0200, Solar Designer a ??crit :
> >
> > We could put/require a NUL in the middle of the canary,
> > but with the full canary being only 64-bit at most that would also
> > make some attacks easier.
>
> Are you suggesting to randomly select which byte to set to 0 in each
> canary ?
Definitely not. That's only 8 different possibilities per canary, and
the weakest one will affect exploitability in each scenario. So that
would be a fairly clear change to the worse.
I suggest that we make no further changes at this time, unless someone
comes up with an idea that would clearly hurt exploitation more than it
helps exploitation, overall across different scenarios.
Alexander
Powered by blists - more mailing lists