Date: Fri, 6 Apr 2018 02:38:50 +0300
From: Alexander Popov <alex.popov@...ux.com>
To: Kees Cook <keescook@...omium.org>
Cc: Kurt Seifried <kseifried@...hat.com>, oss-security@...ts.openwall.com,
 James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>,
 Brad Spengler <spender@...ecurity.net>, PaX Team <pageexec@...email.hu>,
 "Reshetova, Elena" <elena.reshetova@...el.com>
Subject: Re: Linux Kernel Defence Map

On 05.04.2018 22:20, Kees Cook wrote:
> On Thu, Apr 5, 2018 at 5:32 AM, Alexander Popov <alex.popov@...ux.com> wrote:
>> On 05.04.2018 01:17, Kees Cook wrote:
> "type confusion" seems weird to me, but I haven't spent a lot of time
> weighing the options of the naming of these things. "Overwriting a
> function pointer" is the method, and the bug is "unexpectedly
> accessing userspace memory from the kernel" (which is usually
> "something overwrite a pointer").

Just got an idea to call it "userspace data access". Short and simple!
I also combined SMAP/PAN and UDEREF into a cluster to reduce the number of
edges. Now it looks a bit better.

>> Kees, thanks again for such cool feedback. The map is updated.
>
> Very cool! Maybe also add an out-of-tree bubble for "Clang CFI", which
> gives forward-edge protection for code-reuse...

Ok. Created a CFI cluster with RAP and Clang CFI inside. However, I didn't
manage to find any materials about applying Clang CFI to the Linux kernel.

Thanks!
Alexander