From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=uuCM=JG=kernelnewbies.org=kernelnewbies-bounces@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.5 required=3.0 tests=BAYES_00,DKIM_INVALID,
	DKIM_SIGNED,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,
	URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C7035C433ED
	for <kernelnewbies@archiver.kernel.org>; Fri,  9 Apr 2021 16:09:08 +0000 (UTC)
Received: from shelob.surriel.com (shelob.surriel.com [96.67.55.147])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 27C91601FC
	for <kernelnewbies@archiver.kernel.org>; Fri,  9 Apr 2021 16:09:08 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 27C91601FC
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmx.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kernelnewbies-bounces@kernelnewbies.org
Received: from localhost ([::1] helo=shelob.surriel.com)
	by shelob.surriel.com with esmtp (Exim 4.94)
	(envelope-from <kernelnewbies-bounces@kernelnewbies.org>)
	id 1lUtgf-0007z2-B4; Fri, 09 Apr 2021 12:08:49 -0400
Received: from mout.gmx.net ([212.227.15.18])
 by shelob.surriel.com with esmtps (TLS1.2) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94)
 (envelope-from <john.wood@gmx.com>) id 1lUtgb-0007pU-0W
 for kernelnewbies@kernelnewbies.org; Fri, 09 Apr 2021 12:08:45 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
 s=badeba3b8450; t=1617984506;
 bh=HEzSNgADWM4JdH/UP4RWxfXteS7uGjPvcCoUhETis/w=;
 h=X-UI-Sender-Class:Date:From:To:Cc:Subject:References:In-Reply-To;
 b=TMp7qmyOTZ06xZtd3IkwSP3IInsseEcEgh3JgzcGx4qzd7o1uncrGzYdEvgq3C4gr
 ZeNAoaODnWiuEHh0wNKdPbc50soCpSvVH5eWBOnn4/+2KbADchHCCp9XPQXKz03Qjo
 IxL72Qyu0QN3YHxTfKAb+TGUGDug2AIXg2tmFXN0=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from ubuntu ([83.52.229.153]) by mail.gmx.net (mrgmx005
 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MMGRA-1lEshT48ww-00JFln; Fri, 09
 Apr 2021 18:08:26 +0200
Date: Fri, 9 Apr 2021 18:08:14 +0200
From: John Wood <john.wood@gmx.com>
To: Andi Kleen <ak@linux.intel.com>
Subject: Re: Notify special task kill using wait* functions
Message-ID: <20210409160814.GA4937@ubuntu>
References: <145687.1617485641@turing-police> <20210404094837.GA3263@ubuntu>
 <193167.1617570625@turing-police> <20210405073147.GA3053@ubuntu>
 <115437.1617753336@turing-police> <20210407175151.GA3301@ubuntu>
 <184666.1617827926@turing-police>
 <20210408015148.GB3762101@tassilo.jf.intel.com>
 <20210409142933.GA3150@ubuntu>
 <20210409150621.GJ3762101@tassilo.jf.intel.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <20210409150621.GJ3762101@tassilo.jf.intel.com>
X-Provags-ID: V03:K1:IsLAyPnMEKrzZmnegL9MyBRHawdUyxil//3hcCrquCaKFVNVr0o
 g0p6Jc7cmZTcu5XqE+R8rFrnselUZm4OY3Ky5j/XxQcaJHWZUDPhYP6OIyAS4HH31LN/Uxx
 +TP1OGTLcIBB/VSUjq5h0tC7MSC7eR5Z+gvUicuIghTDCn3aZcYsXHHY7nV6GeUYPkVwu5W
 gNDsv+QhpRI0FOeZP8Bsw==
X-UI-Out-Filterresults: notjunk:1;V03:K0:w/ghK7fOuso=:HM2XrcA+UBAA6skFfEdrJf
 qH8ZitfDacjhM9eBr22yNOkWWyXGT2XHxoGBXw1KP3RZRQSRx5rKLOU7ZPcRa84pu72onwApT
 XRD4NIs1V848Ixkdg2z7QJvh7x5ECDCLy1m8zmmVX5QufVaYPH1SUCw5RlS2FxxtrMvHqXCsj
 sCeqSn7VUMlA0PQ8JG1Z01g07euXSoqB25fs10z5AZuUZGjO8IB+QTqH//E4zdAlzCxTgx2lR
 5j6fPTgLEhFHBwYc6OWCS4/NZbyJxLa7Zl9jjp0Pon5q1YjM4q1DeDE0/mX3gEb0GBl6zKFdq
 wtM51eCe5hBC9o6MlVwAixQh6+nkaPcSu+O2h5aoM1O/dG7fNj3Vlj8T/Mp9fKYvUbP3cCXAD
 VqykZ5YcxveVf6eKg2xW3aGbmPV5uqgiP0agBBEFMloW7rXyEM7+VzOVrb1WwOXIalaMGVESn
 RmACrhQ4Nem6+2Rq2GZSaG+FmAyo4bGvBzeq36RXaG50EhulLFCbHfzM5qQmD+d1PKYUYetEI
 +BBgyBKvUjt9fuawDPMEDpIDgVKt75cwrGuiWMn9fGDtZIi4vi3cgiMMbb3QI0254ClRgM5X9
 SBjYQqE5J0RMhD3d4MZO7GY88Z+v8te6B6ffP1nTuCcOn/rXTJyTflJxWvHUmMWxxU8X7FxUV
 cNSE41BSpu/Ao2RIYgwdALDXpeoQwPNdOlTi8VZyZ2C1MUQXMzcgyWt8sQxUkH4P79EOo8fGL
 abSSzgAD1Ym7jfIKujzgleneBeah4Y3CTFku4JEAVKNHQPofnjOV0vci/z1wi/rA/8qr+Gcap
 1n3T7dkVLTTk8smDNVU0Byh/3rEnf8s7xQwburuqZAPH6Id11RQHf3yHuYb5U6xTwERyRtJ6N
 TR3M89mOKh6gpYly1lAzrrB+x6D1ycM2W71sjz4FxK13cu3CxhttaS/kM3zawzGKHhwH6IOS1
 C8lEVSg3BYaITasxxMD3Zfp1YiQtFlXJZ5oP/zl7LRk9GEj4Ey24pVOBtQZbvX3yRyFT1gTgJ
 RWKWCVeefVGamp4CpwUdRz7Aq6m5XaOy+FBWoE1CVlhfEbmlBzyzDTOjLodpTvGFVlhUu1Tyy
 IUN9EiJVhTWCgISl8LRR2HAjd70Hi9AJXmC3N5lI6atzbobMQMepoRYN7F1zfzTDPaKb5FHpd
 bl23eqQOUsmWPUWLFIMgNe0E2T4R7JZYV6JoG9+a+LifEeqb4SWesatDkLNcQRcdGn2uA=
Cc: Valdis =?utf-8?Q?Kl=C4=93tnieks?= <valdis.kletnieks@vt.edu>,
 kernel-hardening@lists.openwall.com, John Wood <john.wood@gmx.com>,
 Kees Cook <keescook@chromium.org>, kernelnewbies@kernelnewbies.org
X-BeenThere: kernelnewbies@kernelnewbies.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Learn about the Linux kernel <kernelnewbies.kernelnewbies.org>
List-Unsubscribe: <https://lists.kernelnewbies.org/mailman/options/kernelnewbies>, 
 <mailto:kernelnewbies-request@kernelnewbies.org?subject=unsubscribe>
List-Archive: <http://lists.kernelnewbies.org/pipermail/kernelnewbies/>
List-Post: <mailto:kernelnewbies@kernelnewbies.org>
List-Help: <mailto:kernelnewbies-request@kernelnewbies.org?subject=help>
List-Subscribe: <https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies>, 
 <mailto:kernelnewbies-request@kernelnewbies.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kernelnewbies-bounces@kernelnewbies.org

Hi,

On Fri, Apr 09, 2021 at 08:06:21AM -0700, Andi Kleen wrote:
> > > Any caching of state is inherently insecure because any caches of limited
> > > size can be always thrashed by a purposeful attacker. I suppose the
> > > only thing that would work is to actually write something to the
> > > executable itself on disk, but of course that doesn't always work either.
> >
> > I'm also working on this. In the next version I will try to find a way to
> > prevent brute force attacks through the execve system call with more than
> > one level of forking.
>
> Thanks.
>
> Thinking more about it what I wrote above wasn't quite right. The cache
> would only need to be as big as the number of attackable services/suid
> binaries. Presumably on many production systems that's rather small,
> so a cache (which wouldn't actually be a cache, but a complete database)
> might actually work.

Thanks. I will keep it in mind.

>
> -Andi

Regards,
John Wood

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies