
Re: item for kernel meeting -- NX emulation



On Tue, Nov 02, 2010 at 04:04:13PM +0100, maximilian attems wrote:
> hello Kees,
> 
> On Fri, 29 Oct 2010, Kees Cook wrote:
> 
> > Thanks for adding this to the agenda! I've added details about both
> > AppArmor and the nx-emulation bits to the wiki page. Let me know if
> > you've got any questions.
>  
> Do you know if newly split out 32bit-mmap-exec-randomization
> has a chance of going upstream or has already been submitted?

I would fight it going upstream as it has terrible entropy. I feel it only
has value when combined with the nx-emu patch, which would have 0 entropy
for the relocated executable regions if left as-is.

The goal discussed on the Fedora kernel list was to somehow get rewrites of
the existing upstream ASLR so that it could be used with the nx-emu patch
and then the 32bit-mmap-exec-randomization could be eliminated.

The feature 32bit-mmap-exec-randomization is trying to implement is "ASCII
armor" (leading 0 byte on addresses), but its greedy-fit method creates a
nearly deterministic layout for each given ELF. So if a way to do ASCII
armor with the upstream ASLR can be created, it can be dropped.

There has been no progress on this, though.

-Kees

-- 
Kees Cook                                            @debian.org
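
Added example, not part of the message above and not code from either patch: a way to check the two properties the message discusses, whether executable mappings sit at "ASCII armor" addresses (leading 0 byte) and how many address bits actually change between runs. The /proc/<pid>/maps excerpts, library paths and addresses are constructed sample data, and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed /proc/<pid>/maps excerpts from three runs of one 32-bit
# process (illustrative values, not captured from a real system).
RUNS = [
    "00110000-0026c000 r-xp 00000000 08:01 1311 /lib/libc.so.6\n"
    "0026c000-0026e000 rw-p 0015c000 08:01 1311 /lib/libc.so.6\n"
    "b7741000-b775d000 r-xp 00000000 08:01 1402 /lib/libz.so.1\n",
    "00110000-0026c000 r-xp 00000000 08:01 1311 /lib/libc.so.6\n"
    "b76e3000-b76ff000 r-xp 00000000 08:01 1402 /lib/libz.so.1\n",
    "00110000-0026c000 r-xp 00000000 08:01 1311 /lib/libc.so.6\n"
    "b77a9000-b77c5000 r-xp 00000000 08:01 1402 /lib/libz.so.1\n",
]

# start-end perms offset dev inode path
MAPS_LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+ (\S{4}) \S+ \S+ \S+\s+(\S+)$")

def exec_bases(maps_text):
    """Return {path: lowest start address} for executable file mappings."""
    bases = {}
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m and "x" in m.group(2):
            start, path = int(m.group(1), 16), m.group(3)
            bases[path] = min(start, bases.get(path, start))
    return bases

def is_ascii_armored(addr):
    """True if the top byte of a 32-bit address is 0x00 (below 16 MiB)."""
    return (addr >> 24) == 0

def varying_bits(addrs):
    """Count address bits that differ across the samples."""
    diff = 0
    for a in addrs:
        diff |= a ^ addrs[0]
    return bin(diff).count("1")

def report(runs):
    """Map each path to (armored in every run, bits that varied)."""
    seen = defaultdict(list)
    for text in runs:
        for path, base in exec_bases(text).items():
            seen[path].append(base)
    return {p: (all(map(is_ascii_armored, a)), varying_bits(a))
            for p, a in seen.items()}

if __name__ == "__main__":
    for path, (armored, bits) in report(RUNS).items():
        print(f"{path}: armored={armored} varying_bits={bits}")
```

The varying-bit count over a handful of runs is only a rough indicator; a mapping that shows 0 varying bits across many runs is the deterministic case described above.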

