Date: Tue, 18 Oct 2016 09:11:46 -0400
From: David Windsor <dave@...gbits.org>
To: kernel-hardening@...ts.openwall.com
Cc: Julia Lawall <julia.lawall@...6.fr>
Subject: Re: Use-after-free and management of reference counts

Hi,

On Tue, Oct 18, 2016 at 8:22 AM, Vaishali Thakkar
<vaishali.thakkar@...cle.com> wrote:
> Hi,
>
> Recently I studied the reported CVEs of the last 2 years and there were
> a fair number of use-after-free bugs. Usually we also see many reports
> of use-after-free bugs in the LKML [reported by one or other tools].
>
> Also, at Kernel Recipes Jonathan Corbet mentioned reference counts as
> a security issue. I believe if we have more kernel hardening patches
> then we can avoid such bugs. I was wondering if there is some ongoing
> work in both [use-after-free and management of reference counts]
> of these areas?
>

There is a patchset currently on this mailing list (kernel-hardening)
that directly addresses use-after-free bugs.  The feature is called
HARDENED_ATOMIC and is based off of earlier work done by PaX
(https://forums.grsecurity.net/viewtopic.php?f=7&t=4173).

Here is a link to the feature's latest RFC patchset:
http://www.openwall.com/lists/kernel-hardening/2016/10/03/1

Here is the work we've done thus far in documenting the feature:
http://progbits.org

If you're interested in helping with this feature, we're always
looking for people to help move the feature to other architectures.
Someone else is already working on the arm64 port, so you may want to
look at either arm (this is most preferable), mips, sparc or powerpc.
You may want to talk to Takahiro Akashi, who is doing the arm64 work,
to get his thoughts on the arm port.  See this thread for more
information: http://www.openwall.com/lists/kernel-hardening/2016/10/12/2.

> If not, then I would like to work on the same. Any pointers on this
> would be appreciated.
>

Great, thanks for offering to help!  Let me know if you'd like any
other pointers.

> Thank you.
>
> --
> Vaishali
