oss-sec mailing list archives
Re: How GNU/Linux distros deal with offset2lib attack?
From: Greg KH <greg () kroah com>
Date: Sun, 7 Dec 2014 11:42:36 -0800
On Sun, Dec 07, 2014 at 01:08:00PM +0100, Lionel Debroux wrote:
> On Sat, Dec 6, 2014 at 7:35 PM, Greg KH <greg () kroah com> wrote:
> > On Sat, Dec 06, 2014 at 03:22:58PM +0800, Shawn wrote:
> > > 2, ASLRv3?
> > > Hector Marco (the dude who disclosed offset2lib attack) sent a patch
> > > to the upstream:
> > > https://lkml.org/lkml/2014/12/4/839
> > >
> > > Even the upstream don't accept the patch, is this possible to backport
> > > it & maintain it for distro community?
> >
> > Upstream asked for some basic fixes to the patch (i.e. it wasn't
> > submitted in the needed format) before it could accept it, so I doubt
> > it's rejected yet.
> >
> > And of course a distro could backport and maintain it, it's a very tiny
> > patch, much smaller than what they normally backport. Take it up with
> > the distros if you want this.
>
> Tiny indeed. I'm surprised how few hunks it contains, given that
> PAX_ASLR involves
> $ grep CONFIG_PAX_ASLR pax-linux-3.17.4-test7.patch | wc -l
> 25
> hunks.

That's not a good comparison, as who knows what those config options do. And a "well written" option will never have a CONFIG_* option within the .c files, as that's not the normal way to implement features in the Linux kernel.

> Is Hector Marco's ASLRv3 submission a much simpler reinvention of PaX's
> ASLR wheel, or is it rather a smaller wheel which does less than PaX's
> improved, field-tested ASLR does?

I don't know, never looked at the PaX code, sorry. Why not look at it yourself and compare it?

> If the latter, I think it wouldn't be good to see another half-measure
> integrated to mainline, until the next mainline ASLR defeat against
> which PaX has protected for over a decade.
> Just my 2 cents.

The reason PaX isn't in the main kernel tree is that no one has spent the time and effort to actually submit it in a mergeable form. So please, do so if you think this is something that is needed.

thanks,

greg k-h