tech-kern archive
Re: modstat and kaslr
On Dec 31, 5:11pm, Maxime Villard wrote:
}
} Here is a patch [1] that hides the addresses of the kernel modules when
} 'modstat -k' is entered by an unprivileged user. The current behavior is
} preserved for root.
}
} The addresses currently leaked cannot be used to reconstruct the layout of
} the kernel, since the module VAs are embedded in bootspace.boot, whose location
} is independent from that of each of the remaining kernel segments.
}
} But it's still good not to leak such information, to limit the surface for ROP
} and a few other things, and this, also in the non-kaslr case. Ok?
}
} [1] http://m00nbsd.net/garbage/module/modstat.diff
@@ -150,10 +159,13 @@
strlcpy(ms->ms_required, mi->mi_required,
sizeof(ms->ms_required));
}
- if (mod->mod_kobj != NULL) {
+ if (mod->mod_kobj != NULL && stataddr) {
kobj_stat(mod->mod_kobj, &addr, &size);
ms->ms_addr = addr;
ms->ms_size = size;
+ } else {
+ ms->ms_addr = 0;
+ ms->ms_size = 0;
}
ms->ms_class = mi->mi_class;
ms->ms_refcnt = -1;
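Review bot: The new else branch clears ms_size as well as ms_addr, so when stataddr is false the module size is withheld too, while the stated goal is only to hide addresses. If the size should stay visible to unprivileged users, keep the kobj_stat() call under `mod->mod_kobj != NULL` alone and make only `ms->ms_addr = addr;` conditional on stataddr; if hiding both is intended, a short comment saying so would help. The else branch also folds two cases together (no kobj, and address withheld), so a reader of the struct sees 0 for both and cannot tell them apart. How stataddr is computed is not visible in this hunk, so the privilege check itself cannot be reviewed from here.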
I don't see why you added the part where you set ms_addr and
ms_size to 0 given that the memory was kmem_zalloc'ed and thus we
know that it is already 0?
Also, given the reason for preventing information leaks, I
would also make sure that the address isn't given out even for root
when secure_level has been elevated.
}-- End of excerpt from Maxime Villard