Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20170203031151.GA15897@athena>
Date: Thu, 2 Feb 2017 20:11:51 -0700
From: Eddie Kovsky <ewk@...ovsky.org>
To: Kees Cook <keescook@...omium.org>
Cc: Vaishali Thakkar <vaishali.thakkar@...cle.com>,
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: Getting started

On 01/30/17, Kees Cook wrote:
> On Mon, Jan 30, 2017 at 5:41 AM, Vaishali Thakkar
> <vaishali.thakkar@...cle.com> wrote:
> > On Monday 30 January 2017 12:13 AM, Eddie Kovsky wrote:
> >
> >> I'm interested in helping out with this project.
> >>
> >> I have a few small patches in the kernel. I just finished the Eudyptula
> >> Challenge and I'm looking for places where I can continue to contribute.
> 
> Hi! Welcome to the list. :)
> 
> >> I've been reading the list for several months now. I think I have a
> >> general
> >> understanding of the development process. Is there a specific TODO item I
> >> could start off with?
> 
> What areas of the kernel are you the most familiar with, and/or what
> things are you interested in working on? That could help me tailor
> some suggestions.
> 
> > Here, is one TODO list:
> >
> > https://kernsec.org/wiki/index.php/Kernel_Self_Protection_Project
> >
> > Although I think few people are already working on some of these things.
> > May be you can also check the archives of a mailing list.
> 
> The list is a bit terse (it's mostly been a brain dump as things come
> up), but yeah, if you see something there and want to know more, just
> ask. I'm happy to expand on any of them.
> 

I noticed there's been some activity recently with HARDENED_USERCOPY.
And I looked over how mm/usercopy.c was merged in from the grsecurity
patch. I'm curious about this TODO item:

     Identify and extend HARDENED_USERCOPY to other usercopy functions
     (e.g. maybe csum_partial_copy_from_user, csum_and_copy_from_user,
     csum_and_copy_to_user, csum_partial_copy_nocheck?)

It doesn't look like anyone is working on this task right now. But it's not
obvious (to me) what needs to happen to make progress with this. Would this
be a good task to start off with?

Thanks

Eddie

> Thanks!
> 
> -Kees
> 
> -- 
> Kees Cook
> Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.