On 17.06.2017 12:25, Maxime Villard wrote:
> On 23/03/2017 at 18:30, Maxime Villard wrote:
>> I have some plans to implement kernel aslr on amd64. Actually, a few
>> months ago I wrote a set of patches for the bootloader and the kernel, and also a
>> complete kernel relocator. As far as I can
On 23/03/2017 at 18:30, Maxime Villard wrote:
I have some plans to implement kernel aslr on amd64. Actually, a few months
ago I wrote a set of patches for the bootloader and the kernel, and also a
complete kernel relocator. As far as I can test, everything works correctly
and reliably; the whole
On Mar 25, 10:17pm, Mouse wrote:
}
} > [ASLR] is just one more check mark in the exploit building tool.
}
} Yes and no.
}
} It increases the work required to exploit any putative bugs. It does
} not make exploitation impossible, but that does not mean it's not worth
} making it harder. "You
On Sat, Mar 25, 2017 at 10:17:21PM -0400, Mouse wrote:
> > [ASLR] is just one more check mark in the exploit building tool.
>
> Yes and no.
>
> It increases the work required to exploit any putative bugs.
Please read the constraints again. There are very few RCE against the
kernels. The normal
> [ASLR] is just one more check mark in the exploit building tool.
Yes and no.
It increases the work required to exploit any putative bugs. It does
not make exploitation impossible, but that does not mean it's not worth
making it harder. "You don't have to run faster than the bear; you
just
In article ,
Greg Troxel wrote:
>Maxime Villard writes:
>
>> I would also add - even if it is not a relevant argument - that most
>> "commonly-used" operating systems do have kernel aslr: Windows, Mac, Linux,
On Sat, Mar 25, 2017 at 11:22:24AM -0400, Thor Lancelot Simon wrote:
> ASLR increases the work factor for that stuff considerably (though there
> are obvious approaches if you can zap the early boot code to wire down
> the "randomization" so it isn't, etc).
I strongly contend this point in the
On 25/03/2017 at 13:35, Joerg Sonnenberger wrote:
I don't think *any* of the cache latency problems have been fixed at
all.
Yes, they haven't been fixed yet, but are being. I remember reading that
AMD was working on fixing that - I'll have to refind the article though.
They are highly
On 25/03/2017 at 08:25, Martin Husemann wrote:
On Fri, Mar 24, 2017 at 11:13:34PM +0100, Joerg Sonnenberger wrote:
For what purpose? It has been shown over and over again that ASLR simply
doesn't work in a lot of situations in userland. The situation for
kernel ASLR is significantly worse.
On Sat, Mar 25, 2017 at 09:20:14AM +0100, Maxime Villard wrote:
>
> Verily, 5-level page trees with higher entropy will be introduced by Intel
> soon, the instructions that leak kernel addresses can be made privileged
> (UMIP), cache issues are being fixed; and in short, I wouldn't be surprised
>
On Sat, Mar 25, 2017 at 09:20:14AM +0100, Maxime Villard wrote:
> On 24/03/2017 at 23:13, Joerg Sonnenberger wrote:
> > On Thu, Mar 23, 2017 at 06:30:31PM +0100, Maxime Villard wrote:
> > > I have some plans to implement kernel aslr on amd64.
> >
> > For what purpose? It has been shown over and
Maxime Villard writes:
> I would also add - even if it is not a relevant argument - that most
> "commonly-used" operating systems do have kernel aslr: Windows, Mac, Linux,
> etc.
There's another point, which various people may also consider invalid :-)
In the US, there's a
On 24/03/2017 at 23:13, Joerg Sonnenberger wrote:
On Thu, Mar 23, 2017 at 06:30:31PM +0100, Maxime Villard wrote:
I have some plans to implement kernel aslr on amd64.
For what purpose? It has been shown over and over again that ASLR simply
doesn't work in a lot of situations in userland.
On Fri, Mar 24, 2017 at 11:13:34PM +0100, Joerg Sonnenberger wrote:
> For what purpose? It has been shown over and over again that ASLR simply
> doesn't work in a lot of situations in userland. The situation for
> kernel ASLR is significantly worse. From a security standpoint, it
> doesn't seem to
On Thu, Mar 23, 2017 at 06:30:31PM +0100, Maxime Villard wrote:
> I have some plans to implement kernel aslr on amd64.
For what purpose? It has been shown over and over again that ASLR simply
doesn't work in a lot of situations in userland. The situation for
kernel ASLR is significantly worse.
I have some plans to implement kernel aslr on amd64. Actually, a few months
ago I wrote a set of patches for the bootloader and the kernel, and also a
complete kernel relocator. As far as I can test, everything works correctly
and reliably; the whole implementation can relocate and jump into a PIE