All of lore.kernel.org
 help / color / mirror / Atom feed
From: Laura Abbott <laura@labbott.name>
To: kernel-hardening@lists.openwall.com
Subject: [kernel-hardening] Looking at PAX_MEMORY_SANITIZE
Date: Wed, 16 Dec 2015 10:46:08 -0800	[thread overview]
Message-ID: <5671B170.1090508@labbott.name> (raw)

Hi,

I started looking at PAX_MEMORY_SANITIZE for bringing into the kernel. I thought
I would give a short update on what I've found so far for feedback and the like.

PAX_MEMORY_SANITIZE is used for clearing both the SL*B allocators and the
buddy allocator on free. Arguably, similar behavior exists already as debug
features (SLUB_DEBUG poison, DEBUG_PAGEALLOC for some arches). Given what we're
already finding with features like DEBUG_RODATA though, the sanitization really
needs to be a separate Kconfig not tied to debugging. I debated trying to make
those Kconfigs non-debug but they were tied to other features besides poison/
sanitization.

I've been focusing my efforts on the SL*B allocators. As it stands, the feature
is fairly self-contained and mostly just needs some refactoring. I plan on
expanding the command line option to give a bit more control on where the
sanitization happens. The sanitization currently always happens on the fast path
so my thought was to allow the option of sanitizing only on the slow path.
The existing PaX code also disables cache merging. It's not clear if this is an
additional security measure but the sanitization as written doesn't work with
merging. For at least the first version, slab merging will be disabled when
sanitization is enabled on a slab.

I'm hoping to post actual patches before I go on vacation for the holidays next
week. Early feedback is appreciated as well if I missed anything.

Thanks,
Laura

             reply	other threads:[~2015-12-16 18:46 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-12-16 18:46 Laura Abbott [this message]
2015-12-16 20:15 ` [kernel-hardening] Looking at PAX_MEMORY_SANITIZE Yves-Alexis Perez
2015-12-17 20:03   ` Laura Abbott
2015-12-17 20:15     ` Kees Cook
2015-12-17  1:29 ` Kees Cook
2015-12-17 20:15   ` Laura Abbott
2015-12-17 20:27     ` Kees Cook

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5671B170.1090508@labbott.name \
    --to=laura@labbott.name \
    --cc=kernel-hardening@lists.openwall.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.