| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 May 2013 18:29:35 -0700 (PDT) From: David Miller <davem@...emloft.net> To: eric.dumazet@...il.com Cc: netdev@...r.kernel.org, viro@...IV.linux.org.uk Subject: Re: [PATCH net-next] x86: bpf_jit_comp: can call module_free() from any context From: Eric Dumazet <eric.dumazet@...il.com> Date: Fri, 17 May 2013 15:22:46 -0700 > I am considering adding ReadOnly protection to the pages containing BPF > generated code, like we do for modules text if > CONFIG_DEBUG_SET_MODULE_RONX=y > > Should we have an option to configure this, driven by HAVE_BPF_JIT_RO, > or should we do the RO thing in all cases (ie not adding yet another > Kconfig stuff) I think we should do this unconditionally, it'll be noise as far as overhead during filter compilation. > Another ongoing work is to add some protection against BPF JIT spraying > attacks > ( http://mainisusuallyafunction.blogspot.com/2012/11/attacking-hardened-linux-systems-with.html ) > > My idea would be to have a hole of random size before the code, filled > with 0xcc (int3) opcodes. Since we allocate a multiple of PAGE_SIZE > anyway, we have plenty of available space to play with. This sounds like a good idea too. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists