From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <keescook@google.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 10453847
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Mon, 24 Aug 2015 23:25:56 +0000 (UTC)
Received: from mail-io0-f181.google.com (mail-io0-f181.google.com
	[209.85.223.181])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 7FC9C1FC
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Mon, 24 Aug 2015 23:25:55 +0000 (UTC)
Received: by iodt126 with SMTP id t126so167879933iod.2
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Mon, 24 Aug 2015 16:25:55 -0700 (PDT)
MIME-Version: 1.0
Sender: keescook@google.com
In-Reply-To: <CAGXu5jJxQadzp_bOo0KVjJ0VgwTPBDaEHqxDe8Rr=aCg8ROg9A@mail.gmail.com>
References: <alpine.LRH.2.20.1508241335370.1294@namei.org>
	<CACRpkdbJ15sA0xXz1XN8Z-636-tijT1UNDgf1J+sM9Zm1anSkA@mail.gmail.com>
	<CAGXu5j+XR7TJSgbTNYhCP0YhvvNwA5HtEL=xKCR9GUttzb06Uw@mail.gmail.com>
	<1440446941.2201.32.camel@HansenPartnership.com>
	<alpine.LRH.2.20.1508250612360.22949@namei.org>
	<CAGXu5jJxQadzp_bOo0KVjJ0VgwTPBDaEHqxDe8Rr=aCg8ROg9A@mail.gmail.com>
Date: Mon, 24 Aug 2015 16:25:54 -0700
Message-ID: <CAGXu5jJ+MHUqk0aNv_pYpUik1kJ4p7i5HWdkQgS-Az3Q=p+Fow@mail.gmail.com>
From: Kees Cook <keescook@chromium.org>
To: James Morris <jmorris@namei.org>
Content-Type: text/plain; charset=UTF-8
Cc: James Bottomley <James.Bottomley@hansenpartnership.com>,
	"ksummit-discuss@lists.linuxfoundation.org"
	<ksummit-discuss@lists.linuxfoundation.org>,
	Emily Ratliff <eratliff@linuxfoundation.org>
Subject: Re: [Ksummit-discuss] [TECH TOPIC] Kernel Hardening
List-Id: <ksummit-discuss.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/>
List-Post: <mailto:ksummit-discuss@lists.linuxfoundation.org>
List-Help: <mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=subscribe>

On Mon, Aug 24, 2015 at 3:57 PM, Kees Cook <keescook@chromium.org> wrote:
> On Mon, Aug 24, 2015 at 1:17 PM, James Morris <jmorris@namei.org> wrote:
>> On Mon, 24 Aug 2015, James Bottomley wrote:
>>
>>> Um, forgive me for being dense, but doesn't fixing the flaws stop their
>>> exploitation?  In any event, Hardening means "reducing the attack
>>> surface" and that encompasses both active and passive means (including
>>> actual bug fixing).
>>
>> Hardening is mitigating those flaws.  You'll never find every flaw, but
>> you can mitigate against entire classes of flaws being exploited.
>>
>>> >  The
>>> > hardening the kernel needs is about taking away exploitation tools,
>>> > not killing bugs. (Though killing bugs is still great.)
>>>
>>> It's both.  One of the old standards for attacking C code was buffer
>>> overruns.  Remove those via detection tools and you reduce the attack
>>> surface.
>>
>> In this case, we're specifically talking about hardening the kernel to
>> mitigate exploitation of flaws.  Kernel self-protection may be a better
>> term (and recently surfaced in an NSA presentation at LSS: p.23 of
>>
>> http://kernsec.org/files/lss2015/lss2015_selinuxinandroidlollipopandm_smalley.pdf
>
> Yup. Using "kernel self-protection" cuts right to the point. I'm in
> debt to Stephen for finding the right marketing term for "kernel
> memory corruption vulnerability exploit mitigation". :)

pageexec informs me he used the term earlier...
https://pax.grsecurity.net/docs/PaXTeam-H2HC12-PaX-kernel-self-protection.pdf

Regardless, you're all awesome.

-Kees

-- 
Kees Cook
Chrome OS Security