| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jun 2018 16:01:45 +0800
From: "Jin, Yao" <yao.jin@...ux.intel.com>
To: Peter Zijlstra <peterz@...radead.org>
Cc: acme@...nel.org, jolsa@...nel.org, mingo@...hat.com,
alexander.shishkin@...ux.intel.com, me@...ehuey.com,
Linux-kernel@...r.kernel.org, vincent.weaver@...ne.edu,
will.deacon@....com, eranian@...gle.com, namhyung@...nel.org,
ak@...ux.intel.com, kan.liang@...el.com, yao.jin@...el.com
Subject: Re: [PATCH v1 0/2] perf: Drop leaked kernel samples
On 6/15/2018 3:45 PM, Peter Zijlstra wrote:
> On Fri, Jun 15, 2018 at 06:03:21PM +0800, Jin Yao wrote:
>> On workloads that do a lot of kernel entry/exits we see kernel
>> samples, even though :u is specified. This is due to skid existing.
>>
>> This might be a security issue because it can leak kernel addresses even
>> though kernel sampling support is disabled.
>>
>> One patch "perf/core: Drop kernel samples even though :u is specified"
>> was posted in last year but it was reverted because it introduced a
>> regression issue that broke the rr-project.
>>
>> Now this patch set uses sysctl to control the dropping of leaked
>> kernel samples.
>
> So what happened to the suggestion of keeping the samples but 0-stuffing
> all the tricky bits?
>
Bring more overhead to kernel if we zero the bits considering the number
of leaked samples may be not too small?
And the skid information may be interesting (see example of hitting on
page_fault in previous mail). If we zero it, we will not know.
Thanks
Jin Yao
Powered by blists - more mailing lists