Re: [Security] proactive defense: using read-only memory

[Pavel Machek]

Hi!

> - Modules need to be correctly marked RO/NX. This patch exists[3], but is
>   not in mainline. It needs to be in mainline.

Why not.

> - Pointers to function table also need to be marked read-only after
>   they are set. An example of this is the security_ops table pointer. It
>   gets set once at boot, and never changes again. These need to be handled
>   so it isn't possible to just trivially reaim the entire security_ops
>   table lookup somewhere else.

But there are too many of those. You can't block them all...

> - Entry points to set_kernel_text_rw() and similar need to be blockable.
>   Having these symbols available make kernel memory modification trivial;

What prevents attacker to just inlining those functions in the
exploit?

If you want protection domain inside kernel, perhaps you should take
ukernel approach?

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/