|
Message-ID: <CAGXu5jJoid5Guiv4oCP2kL_p7sh0L2f=CdXJZcXvtpY6V0iGZQ@mail.gmail.com> Date: Thu, 20 Apr 2017 13:58:57 -0700 From: Kees Cook <keescook@...omium.org> To: Kaiwan N Billimoria <kaiwan@...wantech.com>, Daniel Micay <danielmicay@...il.com> Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com> Subject: Re: [RFC] mm: enable sanitizing via CONFIG On Mon, Mar 27, 2017 at 3:54 AM, Kaiwan N Billimoria <kaiwan@...wantech.com> wrote: > On Thu, Mar 2, 2017 at 12:46 AM, Kees Cook <keescook@...omium.org> wrote: >> I'd love to see someone step up and create this for upstream. I think >> it'd make a lot of sense instead of trying to shoe-horn things into >> SLUB... >> > Ok, am unsure if I clearly understand all the issues involved; but of > course it's always better to make a start and then evolve. So, how > exactly can this be tackled? Do we go down the "new SLUB for security" > path? And, if yes, then how exactly does one get started? I'll need > some pointers pl... Well, mainly it would need someone dedicated to creating a whole new slab allocator for the kernel, and prioritizing security for it. Daniel has a bunch of ideas on this, but I don't know enough currently to make suggestions for what the design should look like. Making sanity-checks fast would be a driving principle, though. :) -Kees -- Kees Cook Pixel Security
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.