| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171122161907.GA12684@amd>
Date: Wed, 22 Nov 2017 17:19:07 +0100
From: Pavel Machek <pavel@....cz>
To: Dave Hansen <dave.hansen@...ux.intel.com>
Cc: linux-kernel@...r.kernel.org, linux-mm@...ck.org
Subject: Re: [PATCH 00/23] KAISER: unmap most of the kernel from userspace
page tables
Hi!
> KAISER makes it harder to defeat KASLR, but makes syscalls and
> interrupts slower. These patches are based on work from a team at
> Graz University of Technology posted here[1]. The major addition is
> support for Intel PCIDs which builds on top of Andy Lutomorski's PCID
> work merged for 4.14. PCIDs make KAISER's overhead very reasonable
> for a wide variety of use cases.
Is it useful?
> Full Description:
>
> KAISER is a countermeasure against attacks on kernel address
> information. There are at least three existing, published,
> approaches using the shared user/kernel mapping and hardware features
> to defeat KASLR. One approach referenced in the paper locates the
> kernel by observing differences in page fault timing between
> present-but-inaccessable kernel pages and non-present pages.
I mean... evil userspace will still be able to determine kernel's
location using cache aliasing effects, right?
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)
Powered by blists - more mailing lists