Date: Wed, 18 May 2022 16:31:26 +0200
From: Jann Horn <jannh@...gle.com>
To: cgel.zte@...il.com
Cc: akpm@...ux-foundation.org, ammarfaizi2@...weeb.org, oleksandr@...alenko.name, willy@...radead.org, linux-mm@...ck.org, corbet@....net, linux-kernel@...r.kernel.org, xu xin <xu.xin16@....com.cn>, Yang Yang <yang.yang29@....com.cn>, Ran Xiaokai <ran.xiaokai@....com.cn>, wangyong <wang.yong12@....com.cn>, Yunkai Zhang <zhang.yunkai@....com.cn>, Jiang Xuexin <jiang.xuexin@....com.cn>, Michal Hocko <mhocko@...e.com>, Hugh Dickins <hughd@...gle.com>, Linux API <linux-api@...r.kernel.org>, Daniel Gruss <daniel.gruss@...k.tugraz.at>
Subject: Re: [PATCH] mm/ksm: introduce ksm_enabled for each process

On Tue, May 17, 2022 at 11:27 AM <cgel.zte@...il.com> wrote:
> For now, if we want to use KSM to merge pages of some apps, we have to
> explicitly call madvise() in application code, which means installed
> apps on OS need to be uninstalled and source code needs to be modified.
> It is very inconvenient because sometimes users or app developers are not
> willing to modify their app source codes for any reasons.

As a sidenote: If you're going to enable KSM on your devices, I hope you're aware that KSM significantly reduces security - when cloud providers were using KSM, there were a bunch of papers that abused it for attacks. In particular, KSM inherently creates significant information leaks, because an attacker can determine whether a memory page with specific content exists in other apps through timing side channels. In the worst case, this could lead to an attacker being able to steal things like authentication tokens out of other apps.

If you see significant memory savings from enabling KSM, it might be a good idea to look into where exactly those savings are coming from, and look into whether there is a better way to reduce memory utilization that doesn't rely on comparing entire pages against each other.

See https://arxiv.org/pdf/2111.08553.pdf for a recent research paper that shows that memory deduplication can even make it possible to remotely (!) leak memory contents out of a machine, over the internet. (On top of that, KSM can also make it easier to pull off Rowhammer attacks in some contexts - see https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf .)
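
The following is an added example, not part of the original message or of the patch under discussion: an audit script for the "look into where exactly those savings are coming from" step, which reads the global KSM counters under /sys/kernel/mm/ksm and reports which processes have VMAs opted into merging (the `mg` flag in the VmFlags line of /proc/<pid>/smaps). The function names are hypothetical and chosen for illustration.

```python
#!/usr/bin/env python3
"""Audit which processes have opted memory into KSM (added example)."""
import glob
import os
import re

KSM_SYSFS = "/sys/kernel/mm/ksm"
# smaps VMA header: "start-end perms offset dev inode [path]"
VMA_HEADER = re.compile(r"^([0-9a-f]+-[0-9a-f]+) \S{4} [0-9a-f]+ \S+ \d+\s*(.*)$")


def mergeable_vmas(smaps_text):
    """Return [(range, size_kb, name)] for VMAs whose VmFlags contain 'mg'."""
    found, current, size_kb = [], None, 0
    for line in smaps_text.splitlines():
        header = VMA_HEADER.match(line)
        if header:
            current, size_kb = (header.group(1), header.group(2) or "[anon]"), 0
        elif line.startswith("Size:"):
            size_kb = int(line.split()[1])
        elif line.startswith("VmFlags:") and current and "mg" in line.split()[1:]:
            found.append((current[0], size_kb, current[1]))
    return found


def ksm_counters(sysfs_dir=KSM_SYSFS):
    """Read run/pages_shared/pages_sharing; None if KSM is unavailable."""
    counters = {}
    for name in ("run", "pages_shared", "pages_sharing"):
        try:
            with open(os.path.join(sysfs_dir, name)) as fh:
                counters[name] = int(fh.read().strip())
        except (OSError, ValueError):
            return None
    return counters


if __name__ == "__main__":
    print("KSM counters:", ksm_counters())
    for path in glob.glob("/proc/[0-9]*/smaps"):
        try:
            with open(path) as fh:
                vmas = mergeable_vmas(fh.read())
        except OSError:  # process exited or not readable without privileges
            continue
        if vmas:
            total = sum(size for _, size, _ in vmas)
            print(f"pid {path.split('/')[2]}: {len(vmas)} mergeable VMAs, {total} kB")
```

Run it as root to see every process; a non-zero `pages_sharing` together with mergeable VMAs in processes that hold secrets marks the memory that the side channels described above could probe.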