On 11/04/16 19:03, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen at boot-time. Until now, hibernation
>>> was selected when
On Mon, Apr 11, 2016 at 11:21 AM, Geert Uytterhoeven
wrote:
> On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
>> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>>> On 06/04/16 20:44, Kees Cook wrote:
When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
one or th
On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen at boot-time. Until now, hibernation
>>> was
On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
> Hi Kees,
>
> On 06/04/16 20:44, Kees Cook wrote:
>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> one or the other must be chosen at boot-time. Until now, hibernation
>> was selected when no choice was made on the com
Hi Kees,
On 06/04/16 20:44, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more w
* Rafael J. Wysocki wrote:
> [...]
>
> One of the weak points is the final jump, because it has to be done to the
> physical location of the image kernel's entry point even though the virtual
> addresses of it may differ between the boot and the image kernels. The seed
> is
> not needed fo
* Kees Cook wrote:
> >> I don't think this is a good idea, as it turns off emergency hibernation
> >> of
> >> laptops - many desktop distros support it by default.
> >
> > Right, I forgot about this one.
>
> When I last checked Ubuntu doesn't enable hibernation by default any more:
> https:/
On wo, 2016-04-06 at 15:16 -0700, Kees Cook wrote:
> And it seems like Fedora either doesn't either, or has a lot of people
> for whom it doesn't work:
> https://bugzilla.redhat.com/show_bug.cgi?id=1206936
> https://bugzilla.redhat.com/show_bug.cgi?id=1224151
> http://blog.kriptonium.com/2015/12/fe
On Wed, Apr 6, 2016 at 11:52 PM, Ingo Molnar wrote:
>
> * Ingo Molnar wrote:
>
>>
>> * Kees Cook wrote:
>>
>> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
>> > wrote:
>> > > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>> > >>
>> > >> Why is kASLR incompatible with hibernation? We c
On Wed, Apr 6, 2016 at 3:04 PM, Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>>
>> * Rafael J. Wysocki wrote:
>>
>>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>>> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> > one or the ot
On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>
> * Rafael J. Wysocki wrote:
>
>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> > one or the other must be chosen at boot-time. Until now, hibernation
>> > was s
* Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> > one or the other must be chosen at boot-time. Until now, hibernation
> > was selected when no choice was made on the command line.
> >
> >
* Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> > wrote:
> > > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> > >>
> > >> Why is kASLR incompatible with hibernation? We can hibernate have
> > >> 4.3 kernel resume hibernation image of
On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR mor
* Kees Cook wrote:
> On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> wrote:
> > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> >>
> >> Why is kASLR incompatible with hibernation? We can hibernate have
> >> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
> >> have pa
On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
wrote:
> On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>>
>> Why is kASLR incompatible with hibernation? We can hibernate have
>> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
>> have patches for x86). Resuming kernel with
On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>
> Why is kASLR incompatible with hibernation? We can hibernate have
> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
> have patches for x86). Resuming kernel with different randomization
> does not look that much different.
Hi!
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more widely available to end
> users (since the
When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
one or the other must be chosen at boot-time. Until now, hibernation
was selected when no choice was made on the command line.
To make the security benefits of kASLR more widely available to end
users (since the use of hibernati
19 matches
Mail list logo
