On Tue, Nov 13, 2018 at 12:40 PM Timofey Titovets <timofey.titovets@xxxxxxxxxx> wrote:
> KSM by default works only on memory that was added by
> madvise().
>
> And the only way to get that to work on other applications is:
> * Use LD_PRELOAD and libraries
> * Patch the kernel
>
> Let's use the kernel task list and add logic to import VMAs from tasks.
>
> That behaviour is controlled by new attributes:
> * mode:
> I tried to mimic the hugepages attribute, so mode has two states:
> * madvise - old default behaviour
> * always [new] - allow KSM to get tasks' VMAs and
> try working on them.

Please don't. And if you really have to for some reason, put some big warnings on this, advising people that it's a security risk.

KSM is one of the favorite punching bags of side-channel and hardware security researchers:

As a gigantic, problematic side channel:

http://staff.aist.go.jp/k.suzaki/EuroSec2011-suzaki.pdf
https://www.usenix.org/system/files/conference/woot15/woot15-paper-barresi.pdf
https://access.redhat.com/blogs/766093/posts/1976303
https://gruss.cc/files/dedup.pdf

In particular https://gruss.cc/files/dedup.pdf ("Practical Memory Deduplication Attacks in Sandboxed JavaScript") shows that KSM makes it possible to use malicious JavaScript to determine whether a given page of memory exists elsewhere on your system.

And also as a way to target rowhammer-based faults:

https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf
https://thisissecurity.stormshield.com/2017/10/19/attacking-co-hosted-vm-hacker-hammer-two-memory-modules/
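A host-audit helper for the exposure the reply describes, added here as an example and not part of the thread or of the patch: it reads the standard KSM controls under /sys/kernel/mm/ksm (the `run` knob and the `pages_shared` / `pages_sharing` counters, which are real kernel attributes) and the `mode` attribute proposed in the quoted patch, which is an assumption about the patched kernel only and is treated as absent on a stock kernel.

```python
from pathlib import Path

KSM_SYSFS = Path("/sys/kernel/mm/ksm")  # standard location of the KSM controls


def _read(sysfs_dir, name):
    """Return the stripped contents of one sysfs attribute, or None if absent."""
    try:
        return (Path(sysfs_dir) / name).read_text().strip()
    except OSError:
        return None


def _read_int(sysfs_dir, name):
    value = _read(sysfs_dir, name)
    return int(value) if value is not None and value.isdigit() else None


def ksm_status(sysfs_dir=KSM_SYSFS):
    """Summarise KSM state for a host audit.

    'run' is 0 (stopped), 1 (scanning) or 2 (stopped and all pages unmerged).
    'mode' is the attribute proposed in the quoted patch ('madvise' or
    'always'); a stock kernel has no such file, so absence means the
    madvise-only default. Returns a dict with the raw values and a coarse
    'exposure' label derived from them.
    """
    run = _read_int(sysfs_dir, "run")
    if run is None:
        return {"present": False, "exposure": "none"}
    mode = _read(sysfs_dir, "mode") or "madvise"  # hypothetical attribute
    shared = _read_int(sysfs_dir, "pages_shared") or 0
    sharing = _read_int(sysfs_dir, "pages_sharing") or 0
    # pages_sharing counts the extra mappings folded onto the pages_shared
    # merged pages. Any non-zero value means merged copy-on-write pages exist,
    # which is exactly what the dedup side channel observes, even if scanning
    # has since been stopped with run=0 (run=2 unmerges them).
    if mode == "always" and run == 1:
        exposure = "high"    # every task's VMAs become merge candidates
    elif run == 1 or sharing > 0:
        exposure = "medium"  # madvise(MADV_MERGEABLE) regions, or leftover merges
    else:
        exposure = "low"
    return {"present": True, "run": run, "mode": mode,
            "pages_shared": shared, "pages_sharing": sharing,
            "exposure": exposure}


if __name__ == "__main__":
    for key, value in ksm_status().items():
        print(f"{key}: {value}")
```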