Re: modstat and kaslr

To: tech-kern%netbsd.org@localhost
Subject: Re: modstat and kaslr
From: christos%astron.com@localhost (Christos Zoulas)
Date: Sun, 31 Dec 2017 19:28:42 +0000 (UTC)

In article <d9368300-b93b-8409-5e57-da033fbb7bd6%m00nbsd.net@localhost>,
Maxime Villard  <max%m00nbsd.net@localhost> wrote:
>Hi,
>Here is a patch [1] that hides the addresses of the kernel modules when
>'modstat -k' is entered by an unprivileged user. The current behavior is
>preserved for root.
>
>The addresses currently leaked cannot be used to reconstruct the layout of
>the kernel, since the module VAs are embedded in bootspace.boot, whose location
>is independent from that of each of the remaining kernel segments.
>
>But it's still good not to leak such information, to limit the surface for ROP
>and a few other things, and this, also in the non-kaslr case. Ok?
>
>[1] http://m00nbsd.net/garbage/module/modstat.diff

That looks fine (I presume root can still see them)

christos

References:
- modstat and kaslr
  - From: Maxime Villard

Prev by Date: modstat and kaslr
Next by Date: Re: modstat and kaslr
Previous by Thread: modstat and kaslr
Next by Thread: Re: modstat and kaslr
Indexes:

Home | Main Index | Thread Index | Old Index