lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <777bf32f-4657-d590-ce1d-55b65980f0e4@redhat.com>
Date:   Mon, 4 Jul 2022 11:35:33 +0200
From:   David Hildenbrand <david@...hat.com>
To:     Michal Hocko <mhocko@...e.com>, CGEL <cgel.zte@...il.com>
Cc:     linux-mm@...ck.org, linux-kernel@...r.kernel.org, vbabka@...e.cz,
        minchan@...nel.org, oleksandr@...hat.com,
        xu xin <xu.xin16@....com.cn>, Jann Horn <jannh@...gle.com>,
        Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [PATCH linux-next] mm/madvise: allow KSM hints for
 process_madvise

On 04.07.22 10:40, Michal Hocko wrote:
> On Mon 04-07-22 07:29:41, CGEL wrote:
> [...]
>> Maybe new semantics is needed similarly to MADV_NOHUGEPAGE that ensures that
>> there will *not* be huge pages.
> 
> How do you achieve that with a backward compatibility?

Some apps mark secrets via mlock(). I did not check, but I assume
mlock()'ed pages (in VMAs) would not be applicable to KSM. If they would
be, one option would be to not deduplicate them.

But then, I have no clue what's exploitable via a side channel and
what's not. Eventually, having a proper fix for most side channels would
make KSM safer to use in the the general case. But then, who knows what
security researchers will be able to come up with ...

As a very minimum, there would have to be some kind of toggle to allow
forcing KSM on other applications at all. Either/o a compile-time and a
run-time option. Once most of the known side channels are fixed we could
adjust the default of the run-time option.

(I think to this day, Windows still disables system-wide deduplication
as a default and requires an admin to explicitly enable it)

-- 
Thanks,

David / dhildenb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ