Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c386915a90174a5b642e5da58bfe96e5@cs.tu-darmstadt.de>
Date: Tue, 02 May 2017 18:38:22 +0200
From: David Gens <david.gens@...tu-darmstadt.de>
To: bancfc@...nmailbox.org
Cc: kernel-hardening@...ts.openwall.com
Subject: Re: Re: It looks like there will be no more public
 versions of PaX and Grsec.

On 2017-05-02 16:22, bancfc@...nmailbox.org wrote:
> Hi David, I read your paper [1] about how RAP wouldn't defend against
> data-only attacks. Do you plan on contributing your PT-Rand mitigation
> to KSPP?
> 
> That was never mentioned in the grsec RAP announcements for obvious
> marketing reasons. With KERNSEAL not being public no one can verify
> its effectiveness either.
> 
> 
> [1]
> https://www.internetsociety.org/sites/default/files/ndss2017_05B-4_Davi_paper.pdf

That is certainly doable (and it would be cool), but mainly depends on 
how interesting
such a feature would be for upstream. My impression was that the 
interest is rather limited,
since messing with the linear mapping generally is a big nono (because 
of TLB pressure).

But we're really getting off-topic.

Best,
David

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.