On 7/2/15 9:12 AM, Hanno Böck wrote:
> Hi,
> Such a system could also be interesting as a high security linux
> variant not vulnerable to common buffer overflows and other memory
> errors. It is slower, but that may be acceptable. (However it should be
> said that right now asan is incompatible with grsecurity - and probably
> people who want a high secure linux variant want grsecurity.)
It's actually PaX that is incompatible with -fsanitize=address because of
the shadowing of the address space, so you can still use grsec and the
other protections it provides like hardening of chroots or rbac. Just
turn off PaX when configuring the kernel. (Note: pax should be okay with
-fsanitize=thread but I haven't tested). I think this is a cool
project, but I'm more interested in asan's debugging abilities than a
run time tool to stop memory abuses. I like pax's approach where the
*kernel* simply doesn't allow certain memory uses, eg, pages are
allocated either read+write or read+execute but never write+execute.
I'd like to play with an amd64 stage3 and see how asan gets along
with the hardened toolchain and hardened kernel.
> For now I just wanted to announce that I'm working on this, so people
> who care can get in touch with me. I'll probably write a detailed blog
> post at some point.
> Depending on how much interest there is this may be something Gentoo
> wants to consider as an official project and publish official stage
> tarballs.
> cu, Hanno
--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : [email protected]
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA
GnuPG ID : F52D4BBA
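Added example (not code from the thread or from Gentoo): a small probe for the two kernel properties the reply turns on, whether a process can hold a write+execute page (the PaX MPROTECT policy described above denies this) and whether a shadow-sized PROT_NONE reservation like the one ASan needs can be mapped. The 16 TiB shadow size and the errno values treated as "denied" are assumptions, not taken from the post.

```c
/* Probe W^X enforcement and ASan-style shadow reservation on the running kernel. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

/* Assumption: ASan on x86-64 reserves about 1/8 of the 128 TiB user address
 * space (16 TiB) as shadow memory; PaX's address-space layout can collide with
 * a reservation of this size. */
#define SHADOW_RESERVE ((size_t)1 << 44)

/* Returns 1 if a writable+executable page was obtained, 0 if the kernel
 * refused the permission change (W^X enforced), -1 on an unrelated failure. */
int probe_wx_page(void) {
    long pg = sysconf(_SC_PAGESIZE);
    if (pg <= 0) return -1;
    void *p = mmap(NULL, (size_t)pg, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    /* Ask for execute on an already-writable page; a W^X kernel says no. */
    int rc = mprotect(p, (size_t)pg, PROT_READ | PROT_WRITE | PROT_EXEC);
    int result = (rc == 0) ? 1 : (errno == EACCES || errno == EPERM) ? 0 : -1;
    munmap(p, (size_t)pg);
    return result;
}

/* Returns 1 if a shadow-sized PROT_NONE reservation succeeds, 0 if the kernel
 * denies it for lack of address space (ENOMEM), -1 on any other error. */
int probe_shadow_reserve(void) {
    void *p = mmap(NULL, SHADOW_RESERVE, PROT_NONE,
                   MAP_PRIVATE | MAP_ANONYMOUS | MAP_NORESERVE, -1, 0);
    if (p == MAP_FAILED) return (errno == ENOMEM) ? 0 : -1;
    munmap(p, SHADOW_RESERVE);
    return 1;
}

int main(void) {
    int wx = probe_wx_page();
    int sh = probe_shadow_reserve();
    printf("write+exec page: %s\n",
           wx == 1 ? "allowed" : wx == 0 ? "denied (W^X enforced)" : "probe failed");
    printf("16 TiB shadow reservation: %s\n",
           sh == 1 ? "mapped" : sh == 0 ? "denied (ENOMEM)" : "probe failed");
    return 0;
}
```

On a stock kernel both probes report success; a PaX kernel with MPROTECT reports the first as denied, which is the behaviour the reply describes.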