lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200301001123.GA1278373@rani.riverdale.lan>
Date:   Sat, 29 Feb 2020 19:11:23 -0500
From:   Arvind Sankar <nivedita@...m.mit.edu>
To:     Kees Cook <keescook@...omium.org>
Cc:     Arvind Sankar <nivedita@...m.mit.edu>, dave.hansen@...ux.intel.com,
        kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org,
        luto@...nel.org, me@...in.cc, peterz@...radead.org, tycho@...ho.ws,
        x86@...nel.org
Subject: Re: [PATCH] x86/mm/init_32: Don't print out kernel memory layout if
 KASLR

On Sat, Feb 29, 2020 at 03:51:45PM -0800, Kees Cook wrote:
> Arvind Sankar said:
> > For security, only show the virtual kernel memory layout if KASLR is
> > disabled.
> 
> These have been entirely removed on other architectures, so let's
> just do the same for ia32 and remove it unconditionally.
> 
> 071929dbdd86 ("arm64: Stop printing the virtual memory layout")
> 1c31d4e96b8c ("ARM: 8820/1: mm: Stop printing the virtual memory layout")
> 31833332f798 ("m68k/mm: Stop printing the virtual memory layout")
> fd8d0ca25631 ("parisc: Hide virtual kernel memory layout")
> adb1fe9ae2ee ("mm/page_alloc: Remove kernel address exposure in free_reserved_area()")
> 
> -Kees
> 
> -- 
> Kees Cook

microblaze (arch/microblaze/mm/init.c) and PPC32 (arch/powerpc/mm/mem.c)
appear to still print it out. I can't test those, but will resubmit
x86-32 with it removed.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ