|
Message-ID: <55fa194e-69bd-fe39-f915-6f77673aea36@iaik.tugraz.at> Date: Fri, 5 May 2017 10:23:50 +0200 From: Daniel Gruss <daniel.gruss@...k.tugraz.at> To: Thomas Garnier <thgarnie@...gle.com> CC: kernel list <linux-kernel@...r.kernel.org>, Kernel Hardening <kernel-hardening@...ts.openwall.com>, "clementine.maurice@...k.tugraz.at" <clementine.maurice@...k.tugraz.at>, "moritz.lipp@...k.tugraz.at" <moritz.lipp@...k.tugraz.at>, Michael Schwarz <michael.schwarz@...k.tugraz.at>, Richard Fellner <richard.fellner@...dent.tugraz.at>, "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>, Ingo Molnar <mingo@...nel.org>, "anders.fogh@...ta-adan.de" <anders.fogh@...ta-adan.de> Subject: Re: [RFC, PATCH] x86_64: KAISER - do not map kernel in user mode On 04.05.2017 17:28, Thomas Garnier wrote: > Please read the documentation on submitting patches [1] and coding style [2]. I will have a closer look at that. > - How this approach prevent the hardware attacks you mentioned? You > still have to keep a part of _text in the pagetable and an attacker > could discover it no? (and deduce the kernel base address). These parts are moved to a different section (.user_mapped) which is at a possibly predictable location - the location of the randomized parts of the kernel is independent of the location of .user_mapped. The code/data footprint for .user_mapped is quite small, helping to reduce or eliminate the attack surface... > You also need to make it clear that btb attacks are still possible. By just increasing the KASLR randomization range, btb attacks can be mitigated (for free). > - What is the perf impact? It will vary for different machines. We have promising results (<1%) for an i7-6700K with representative benchmarks. However, for older systems or for workloads with a lot of pressure on some TLB levels, the performance may be much worse.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.