[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20161011234021.GA16858@remoulade>
Date: Wed, 12 Oct 2016 00:40:22 +0100
From: Mark Rutland <mark.rutland@....com>
To: Ard Biesheuvel <ard.biesheuvel@...aro.org>
Cc: kernel-hardening@...ts.openwall.com,
Laura Abbott <labbott@...oraproject.org>
Subject: Re: initcall randomization
On Tue, Oct 11, 2016 at 07:28:46PM +0100, Ard Biesheuvel wrote:
> vmalloc and ioremap calls will simply be served bottom up, which is
> why the beginning of the vmalloc area mostly looks the same between
> boots, i.e., all non-kaslr boots look identical, and all kaslr boots
> look identical with little variation.
>
> I am aware that random vmalloc is a bad idea,
I must confess ignorance here; what problems does random vmalloc pose in
particular?
> hence my suggestion to perhaps randomize during the __init phase. I
> must admit that this is simply me holding the randomization hammer and
> looking for things that vaguely resemble nails, hence my request for
> discussion rather than proposing patches.
Do we have a particular threat model this helps with?
Is it similar to that for SLUB freelist randomization?
Do we have vmalloc area sepcific information leaks?
Thanks,
Mark.
Powered by blists - more mailing lists
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
