Date: Thu, 29 Sep 2011 09:30:36 -0700 From: Dave Hansen <dave@...ux.vnet.ibm.com> To: Vasiliy Kulikov <segoon@...nwall.com> Cc: David Rientjes <rientjes@...gle.com>, Christoph Lameter <cl@...two.org>, kernel-hardening@...ts.openwall.com, Pekka Enberg <penberg@...nel.org>, Matt Mackall <mpm@...enic.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org, Kees Cook <kees@...ntu.com>, Valdis.Kletnieks@...edu, Linus Torvalds <torvalds@...ux-foundation.org>, Alan Cox <alan@...ux.intel.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH 2/2] mm: restrict access to /proc/meminfo On Thu, 2011-09-29 at 20:18 +0400, Vasiliy Kulikov wrote: > I'm not convinced with rounding the information to MBs. The attacker > still may fill slabs with new objects to trigger new slab pages > allocations. He will be able to see when this MB-granularity barrier is > overrun thus seeing how many kbs there were before: > > old = new - filled_obj_size_sum > > As `new' is just increased, it means it is known with KB granularity, > not MB. By counting used slab objects he learns filled_obj_size_sum. > > So, rounding gives us nothing, but obscurity. I'll agree that it doesn't fundamentally fix anything. But, it does make an attack more difficult in the real world. There's a reason that real-world attackers are going after slabinfo: it's a fundamentally *BETTER* than meminfo as a tool with which to aim an attack. A MB-rounded meminfo is also fundamentally *BETTER* than a PAGE_SIZE-rounded meminfo. I find it hard to call this "nothing". Anyway... I'm working on a patch. Will post soon. -- Dave
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.