oss-sec mailing list archives
Re: Linux Kernel Defence Map
From: Alexander Popov <alex.popov () linux com>
Date: Fri, 6 Apr 2018 02:38:50 +0300

On 05.04.2018 22:20, Kees Cook wrote:
> On Thu, Apr 5, 2018 at 5:32 AM, Alexander Popov <alex.popov () linux com> wrote:
>> On 05.04.2018 01:17, Kees Cook wrote:
>>> "type confusion" seems weird to me, but I haven't spent a lot of time weighing the options of the naming of these things. "Overwriting a function pointer" is the method, and the bug is "unexpectedly accessing userspace memory from the kernel" (which is usually "something overwrite a pointer").
>>
>> Just got an idea to call it "userspace data access". Short and simple! I also combined SMAP/PAN and UDEREF into a cluster to reduce the number of edges. Now it looks a bit better.
>>
>> Kees, thanks again for such cool feedback. The map is updated.
>
> Very cool! Maybe also add an out-of-tree bubble for "Clang CFI", which gives forward-edge protection for code-reuse...

Ok. Created a CFI cluster with RAP and Clang CFI inside. However, I didn't manage to find any materials about applying Clang CFI to the Linux kernel.

Thanks!
Alexander