"Maxime Villard" writes:
> Module Name:    src
> Committed By:   maxv
> Date:           Sun Dec  2 21:00:13 UTC 2018
>
> Modified Files:
>         src/share/mk: bsd.sys.mk
>         src/sys/arch/amd64/conf: GENERIC
>         src/sys/arch/amd64/include: param.h
>         src/sys/conf: files ssp.mk
>         src/sys/kern: files.kern subr_pool.c sys_syscall.c
>         src/sys/sys: systm.h
>         src/sys/uvm: uvm_km.c
> Added Files:
>         src/sys/arch/amd64/include: kleak.h
>         src/sys/kern: subr_kleak.c
>         src/usr.sbin/kleak: Makefile kleak.c
>
> Log Message:
> Introduce KLEAK, a new feature that can detect kernel information leaks.
>
> It works by tainting memory sources with marker values, letting the data
> travel through the kernel, and scanning the kernel<->user frontier for
> these marker values. Combined with compiler instrumentation and rotation
> of the markers, it is able to yield relevant results with little effort.
>
> We taint the pools and the stack, and scan copyout/copyoutstr. KLEAK is
> supported on amd64 only for now, but it is not complicated to add more
> architectures (just a matter of having the address of .text, and a stack
> unwinder).
>
> A userland tool is provided, that allows to execute a command in rounds
> and monitor the leaks generated all the while.
>
> KLEAK already detected directly 12 kernel info leaks, and prompted changes
> that in total fixed 25+ leaks.
>
> Based on an idea developed jointly with Thomas Barabosch (of Fraunhofer
> FKIE).
extra thanks to Thomas and Max for this feature! this is great work. .mrg.
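The taint-and-scan mechanism the commit message describes, as an added C example that is not NetBSD's subr_kleak.c: it fakes a pool allocation and a copyout() hook, catches an uncleared struct padding hole, and uses marker rotation across rounds (what the userland tool's rounds are for) to tell a genuine leak from a data byte that merely coincided with one round's marker. The marker value, the struct layout and the rotation step are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed demo of the KLEAK idea, not NetBSD's subr_kleak.c: taint fresh
 * memory with a marker byte, let the handler fill it, then scan the copyout
 * path for marker bytes that survived. Marker value and layout are assumed. */
#define KLEAK_MARKER0 0x4B              /* first-round marker (arbitrary) */
static unsigned char g_marker = KLEAK_MARKER0;
static unsigned char g_pool[64];        /* stands in for one pool object */
static size_t g_off;                    /* offset of the first tainted byte */

/* Simulated pool_get(): every byte of the fresh object carries the marker. */
static void *taint_alloc(size_t len) { memset(g_pool, g_marker, len); return g_pool; }

/* Simulated copyout() hook: count bytes still equal to the marker and
 * record the offset of the first one (len if none). */
static size_t kleak_scan(const void *kaddr, size_t len, size_t *first_off) {
    const unsigned char *p = kaddr;
    size_t hits = 0;
    *first_off = len;
    for (size_t i = 0; i < len; i++)
        if (p[i] == g_marker && hits++ == 0) *first_off = i;
    return hits;
}

/* Reply with a 3-byte alignment hole after 'flag' (amd64 ABI assumed). */
struct reply { uint8_t flag; uint32_t value; };

/* Handler that builds a reply and "copies it out". With clear == 0 it sets
 * the fields but never clears the hole (the bug); with clear != 0 it zeroes
 * the whole object first (the fix). */
static size_t reply_copyout(uint32_t value, int clear, size_t *off) {
    struct reply *r = taint_alloc(sizeof *r);
    if (clear) memset(r, 0, sizeof *r);
    r->flag = 1; r->value = value;
    return kleak_scan(r, sizeof *r, off);
}

/* Rotate the marker between rounds: a data byte equal to one round's marker
 * is flagged once, a real leak every round. Returns rounds that flagged. */
static int kleak_rounds(int clear, uint32_t value, int rounds) {
    int flagged = 0;
    g_marker = KLEAK_MARKER0;
    for (int i = 0; i < rounds; i++) {
        if (reply_copyout(value, clear, &g_off) > 0) flagged++;
        g_marker = (unsigned char)(g_marker * 7 + 13);   /* rotate (arbitrary step) */
    }
    return flagged;
}
```

With value 0x4B the fixed handler is flagged only in the first round (its data byte happens to equal the first marker), while the leaky handler is flagged in all four.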