> On Thu, Mar 28, 2019 at 9:29 AM Andy Lutomirski wrote:
> > Doesn’t this just leak some of the canary to user code through side
> > channels?
>
> Erf, yes, good point. Let's just use prandom and be done with it.
And here I have some numbers on this. Actually prandom turned out to be pretty
fas
On Thu, Mar 28, 2019 at 9:29 AM Andy Lutomirski wrote:
> Doesn’t this just leak some of the canary to user code through side channels?
Erf, yes, good point. Let's just use prandom and be done with it.
--
Kees Cook
> On Mar 28, 2019, at 8:45 AM, Kees Cook wrote:
>
>> On Tue, Mar 26, 2019 at 9:31 PM Andy Lutomirski wrote:
>>
>> On Tue, Mar 26, 2019 at 3:35 AM Reshetova, Elena
>> wrote:
>>>
> On Mon, Mar 18, 2019 at 1:16 PM Andy Lutomirski wrote:
> On Mon, Mar 18, 2019 at 2:41 AM Elena Resheto
On Tue, Mar 26, 2019 at 9:31 PM Andy Lutomirski wrote:
>
> On Tue, Mar 26, 2019 at 3:35 AM Reshetova, Elena
> wrote:
> >
> > > On Mon, Mar 18, 2019 at 1:16 PM Andy Lutomirski wrote:
> > > > On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> > > > wrote:
> > > > > Performance:
> > > > >
> > > > >
On Tue, Mar 26, 2019 at 3:35 AM Reshetova, Elena
wrote:
>
> > On Mon, Mar 18, 2019 at 1:16 PM Andy Lutomirski wrote:
> > > On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> > > wrote:
> > > > Performance:
> > > >
> > > > 1) lmbench: ./lat_syscall -N 100 null
> > > > base:
> On Mon, Mar 18, 2019 at 1:16 PM Andy Lutomirski wrote:
> > On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> > wrote:
> > > Performance:
> > >
> > > 1) lmbench: ./lat_syscall -N 100 null
> > > base: Simple syscall: 0.1774 microseconds
> > > random_offset (rdtsc):
> On Mar 20, 2019, at 4:12 AM, David Laight wrote:
>
> From: Andy Lutomirski
>> Sent: 18 March 2019 20:16
> ...
>>> As a result this patch introduces 8 bits of randomness
>>> (bits 4 - 11 are randomized, bits 0-3 must be zero due to stack alignment)
>>> after pt_regs location on the thread stac
> On Mon, Mar 18, 2019 at 01:15:44PM -0700, Andy Lutomirski wrote:
> > On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> > wrote:
> > >
> > > If CONFIG_RANDOMIZE_KSTACK_OFFSET is selected,
> > > the kernel stack offset is randomized upon each
> > > entry to a system call after fixed location of pt
Smth is really weird with my intel mail: it only now delivered
me all messages in one go and I was thinking that I don't get any feedback...
> > If CONFIG_RANDOMIZE_KSTACK_OFFSET is selected,
> > the kernel stack offset is randomized upon each
> > entry to a system call after fixed location of pt_
From: Andy Lutomirski
> Sent: 18 March 2019 20:16
...
> > As a result this patch introduces 8 bits of randomness
> > (bits 4 - 11 are randomized, bits 0-3 must be zero due to stack alignment)
> > after pt_regs location on the thread stack.
> > The amount of randomness can be adjusted based on how m
On Mon, Mar 18, 2019 at 01:15:44PM -0700, Andy Lutomirski wrote:
> On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> wrote:
> >
> > If CONFIG_RANDOMIZE_KSTACK_OFFSET is selected,
> > the kernel stack offset is randomized upon each
> > entry to a system call after fixed location of pt_regs
> > stru
On Mon, Mar 18, 2019 at 1:16 PM Andy Lutomirski wrote:
> On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
> wrote:
> > Performance:
> >
> > 1) lmbench: ./lat_syscall -N 100 null
> > base: Simple syscall: 0.1774 microseconds
> > random_offset (rdtsc): Simple sysc
On Mon, Mar 18, 2019 at 2:41 AM Elena Reshetova
wrote:
>
> If CONFIG_RANDOMIZE_KSTACK_OFFSET is selected,
> the kernel stack offset is randomized upon each
> entry to a system call after fixed location of pt_regs
> struct.
>
> This feature is based on the original idea from
> the PaX's RANDKSTACK
If CONFIG_RANDOMIZE_KSTACK_OFFSET is selected,
the kernel stack offset is randomized upon each
entry to a system call after fixed location of pt_regs
struct.
This feature is based on the original idea from
the PaX's RANDKSTACK feature:
https://pax.grsecurity.net/docs/randkstack.txt
All the credits
14 matches
Mail list logo
