Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <CAGXu5jJ3FgxXK9WuOLRwnEq=y4dS+CTm+WQBxWe3sYZ7e9p6Gg@mail.gmail.com>
Date: Thu, 5 Nov 2015 12:59:21 -0800
From: Kees Cook <keescook@...omium.org>
To: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Cc: Solar Designer <solar@...nwall.com>, Greg KH <gregkh@...uxfoundation.org>, 
	Ben Hutchings <ben@...adent.org.uk>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, 
	James Morris <jmorris@...ei.org>
Subject: Kernel Self Protection Project

I'm organizing a community of people to work on the various kernel
self-protection technologies (most of which are found in PaX and
Grsecurity). I'm building on the presentation I gave at Kernel Summit
where I sought to convince the other upstream Linux kernel developers
that security is more than fixing bugs, and that we need to bring in
proactive defenses:
http://lwn.net/Articles/662219/

This is especially highlighted by the Washington Post article today:
http://www.washingtonpost.com/sf/business/2015/11/05/net-of-insecurity-the-kernel-of-the-argument/

Between the companies that recognize the critical nature of this work,
and with Linux Foundation's Core Infrastructure Initiative happy to
start funding specific work in this area, I think we can really make a
dent.

Let's start the work. I've built some wiki pages around my slides,
where we can take notes, list examples, and coordinate:
http://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project

For now, I'm going to focus on taking a look at the PAX_SIZE_OVERFLOW
gcc plugin, which will also get us the gcc plugin infrastructure.
Other people, please speak up on what you'd like to tackle.

I recommend PAX_REFCOUNT, PAX_USERCOPY, and GRKERNSEC_KSTACKOVERFLOW
for some non-plugin stuff to look at.

Once we've got plugins, then we should look at PAX_MEMORY_STACKLEAK
and PAX_CONSTIFY_PLUGIN.

If you're feeling like disrupting people who depend on debugging, do
GRKERNSEC_HIDESYM.

If you're feeling especially bold, start on PAX_KERNEXEC and follow it
up with PAX_MEMORY_UDEREF.

Of course, there's plenty of other things, and tons I haven't listed
in the wiki -- please add them and bring them up for discussion here.

-Kees

-- 
Kees Cook
Chrome OS Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.