Re: [PATCH] pagemap: roothammer

On Mon, Mar 30, 2015 at 02:25:24AM +0100, Ben Hutchings wrote:
> On Sun, 2015-03-29 at 14:58 +0000, mancha security wrote:
> > Hi Greg et al.
> > 
> > Many DRAM modules are susceptible to disturbance errors as outlined
> > by Kim et al. in June of last year [1]. More recently, a methodology
> > to exploit these memory cell interactions to escalate privileges on
> > Linux was made public by Google's Project Zero [2].
> > 
> > One attack vector detailed in their methodology uses information
> > gleaned from virtual page - frame maps. As a hardening/mitigation
> > response, ab676b7d6fbf [3] restricts access to /proc/*/pagemap to
> > privileged userspace.
> > 
> > I noticed 3.14.37 was the only LT kernel to receive a backport of
> > this mitigation.  Attached please find a backport for use on 3.10.y
> > (candidate for inclusion in 3.10.74).
> > 
> > 3.12.y and 3.18.y can probably use [3] pretty much directly while
> > 3.2.y and 3.4.y can likely use my patch with a little offset TLC.
> 
> This backport seems to work for 3.2, thanks.
> 
> Ben.

Great to hear.

At this point, seems only 3.4.y and 3.10.y are missing (both can use my
backport).

--mancha

PS a quick check is running od -xN 16 /proc/self/pagemap as an unpriv
user before & after giving od cap_sys_admin.
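
The quick check from the PS, as an added example that is not part of the original message or the kernel patch. It goes beyond the od one-liner by looking up the entry for a page the process has just touched, and it reports only a classification. The function names and result strings are assumptions made for this example; the entry layout (bit 63 present, bits 0-54 PFN) is the kernel's documented pagemap format.

```python
import ctypes
import errno
import mmap
import struct

PRESENT = 1 << 63          # bit 63: page present in RAM
PFN_MASK = (1 << 55) - 1   # bits 0-54: page frame number (when present)


def classify_entry(raw):
    """Classify one 8-byte pagemap entry; the PFN itself is never returned."""
    (entry,) = struct.unpack("=Q", raw)   # entries are native-endian u64
    if not entry & PRESENT:
        return "not-present"
    # Readable with a zeroed PFN field is how later kernels hide frames.
    return "pfn-exposed" if entry & PFN_MASK else "pfn-hidden"


def classify_errno(err):
    """Map an open/read failure to a result string (names are assumptions)."""
    if err in (errno.EPERM, errno.EACCES):
        return "denied"        # expected for an unprivileged user once restricted
    if err == errno.ENOENT:
        return "unavailable"   # no procfs or no pagemap support
    return "error"


def check_pagemap(path="/proc/self/pagemap"):
    """Look up the entry for a freshly touched anonymous page of this process."""
    buf = mmap.mmap(-1, mmap.PAGESIZE)
    buf[0] = 1                                   # fault the page in
    view = ctypes.c_char.from_buffer(buf)
    addr = ctypes.addressof(view)
    del view                                     # release export so close() works
    try:
        with open(path, "rb", buffering=0) as f:
            f.seek((addr // mmap.PAGESIZE) * 8)  # one 8-byte entry per page
            raw = f.read(8)
    except OSError as e:
        return classify_errno(e.errno)
    finally:
        buf.close()
    return classify_entry(raw) if len(raw) == 8 else "error"


if __name__ == "__main__":
    print(check_pagemap())
```

Run as an unprivileged user, a result of "denied" or "pfn-hidden" means frame numbers are not available to that user; "pfn-exposed" means they are.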
