On Wed 2017-11-22 17:19:07, Pavel Machek wrote: > Hi! > > > KAISER makes it harder to defeat KASLR, but makes syscalls and > > interrupts slower. These patches are based on work from a team at > > Graz University of Technology posted here[1]. The major addition is > > support for Intel PCIDs which builds on top of Andy Lutomorski's PCID > > work merged for 4.14. PCIDs make KAISER's overhead very reasonable > > for a wide variety of use cases. > > Is it useful? > > > Full Description: > > > > KAISER is a countermeasure against attacks on kernel address > > information. There are at least three existing, published, > > approaches using the shared user/kernel mapping and hardware features > > to defeat KASLR. One approach referenced in the paper locates the > > kernel by observing differences in page fault timing between > > present-but-inaccessable kernel pages and non-present pages. > > I mean... evil userspace will still be able to determine kernel's > location using cache aliasing effects, right? Issues with AnC attacks are tracked via several CVE identifiers. CVE-2017-5925 is assigned to track the developments for Intel processors CVE-2017-5926 is assigned to track the developments for AMD processors Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Attachment:
signature.asc
Description: Digital signature
