Message-ID: <fv3ijx6vcha2hfn5m2py4h73ympmgbur6wruwoej5pbz2lhjfc@t5j7gfa5j674>
Date: Mon, 14 Apr 2025 17:43:20 -0500
From: Maxwell Bland <mbland@...orola.com>
To: Kevin Brodsky <kevin.brodsky@....com>
Cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>,
Mark Brown <broonie@...nel.org>,
Catalin Marinas <catalin.marinas@....com>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Jann Horn <jannh@...gle.com>, Jeff Xu <jeffxu@...omium.org>,
Joey Gouly <joey.gouly@....com>, Kees Cook <kees@...nel.org>,
Linus Walleij <linus.walleij@...aro.org>,
Andy Lutomirski <luto@...nel.org>, Marc Zyngier <maz@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Pierre Langlois <pierre.langlois@....com>,
Quentin Perret <qperret@...gle.com>,
"Mike Rapoport (IBM)" <rppt@...nel.org>,
Ryan Roberts <ryan.roberts@....com>,
Thomas Gleixner <tglx@...utronix.de>, Will Deacon <will@...nel.org>,
Matthew Wilcox <willy@...radead.org>,
Qi Zheng <zhengqi.arch@...edance.com>,
linux-arm-kernel@...ts.infradead.org, linux-mm@...ck.org,
x86@...nel.org
Subject: Re: [RFC PATCH v3 00/15] pkeys-based page table hardening
On Fri, Apr 04, 2025 at 09:57:02AM +0200, Kevin Brodsky wrote:
> On 28/03/2025 17:15, Maxwell Bland wrote:
> Overall this seems worth investigating. I wonder, have you considered
> how accessors would find the shadow memory? It could of course be linked
> directly from task_struct, but then nothing prevents that pointer from
> being corrupted. I can't think of another cheap way to link $p$ though.
> This is not a full-blown shadow memory approach, so I'm not sure we can
> reserve a whole chunk of the address space for that purpose.
Hi, apologies for the delay again, I had much fire to put out last week.
I saw you posted a V4 for this, so I'll close out this chain.
W.r.t. the above, it may be possible to segment the RB tree in vmalloc.c
and designate an allocation region for this purpose. I did something
similar to enforce PXNTable-across-vmalloc a year or so ago which ended
up successful on a production device.
I plan to experiment a bit with different approaches and will probably
send the code to the mailing list once/if I get something together (also
if it isn't pre-empted by someone smarter and faster doing something
better). (-:
> Indeed. For experimenting a Coccinelle script to convert direct access
> to certain members to a function call is probably easier :)
This does keep it in-kernel, which is nice, and I will keep this in mind
as I write.
Thank you for the discussion and patch, as well as the newest one!
- Maxwell Bland
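The Coccinelle approach Kevin mentions, as an added example that is not part of the thread or of the RFC series: a semantic patch that rewrites every direct access to one page-table member (here mm->pgd, a real member of struct mm_struct) into calls to accessor functions, so the accessor can later do the pkey switch around the access. The accessor names mm_pgd_ptr(), mm_set_pgd() and mm_get_pgd() are hypothetical placeholders, not names from the kernel or from the patch set.

```coccinelle
// Added example (hypothetical accessor names), not from the RFC series.
// Usage: spatch --sp-file pgd-accessors.cocci --dir mm/ --in-place
//
// Rules are applied in order, which matters here:

// 1. Address-of first: if rule 3 ran on "&mm->pgd" it would emit
//    "&mm_get_pgd(mm)", which is not valid C.
@addr@
struct mm_struct *mm;
@@
- &mm->pgd
+ mm_pgd_ptr(mm)

// 2. Stores next, so the lvalue is not turned into a function call by rule 3.
@store@
struct mm_struct *mm;
expression E;
@@
- mm->pgd = E
+ mm_set_pgd(mm, E)

// 3. Whatever remains is a plain load.
@load@
struct mm_struct *mm;
@@
- mm->pgd
+ mm_get_pgd(mm)
```

Two caveats a practitioner should expect when running something like this: compound assignments (mm->pgd |= ..., etc.) do not match rule 2 and need their own rule, and the file that defines the accessors must itself touch mm->pgd directly, so it has to be excluded from the spatch run (or written after the conversion), otherwise the script rewrites the accessor bodies into calls to themselves.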