Date: Sun, 26 Apr 2020 15:53:14 +0200
From: Adam Zabrocki <pi3@....com.pl>
To: lkrg-users@...ts.openwall.com
Subject: Re: LKRG unfit for installation by default in Whonix /
 Kicksecure due to kernel boot console output - usability issue

On Sun, Apr 26, 2020 at 02:27:43PM +0200, Solar Designer wrote:
> On Sun, Apr 26, 2020 at 12:07:48PM +0000, Patrick Schleizer wrote:
> > I see a lot of code duplication there.
> 
> FWIW, code duplication is one of my biggest complaints about LKRG code
> quality, and something I think we need to improve (reduce).
> 
> In some special cases, Adam reasonably defends some code duplication by
> consideration of attacks on LKRG itself.  But in most cases the code
> duplication is just the way LKRG happens to be currently written, and
> should ideally be avoided, in my opinion.
> 
> Alexander

There are a few aspects to that. The majority of the time we have it on purpose in 
task-integrity-related functionality, e.g. to avoid generating trivial 
ROP gadgets or other security-related issues (like CPU flags being inlined 
etc.).
However, the entire kINT (CI) integrity routine itself is a mess and needs to be 
rewritten. However, I do find more urgent / important tasks to work on than 
that. However, I want to rewrite this huge and long routine at some point 
(it was originally designed like that for possible 
self-encryption and metamorphic reasons - it's a long story).

Thanks,
Adam

-- 
pi3 (pi3ki31ny) - pi3 (at) itsec pl
http://pi3.com.pl
