kern_linker: Do not reveal address without root
AcceptedPublic
Actions

Authored by aokblast on Fri, Jun 12, 11:28 AM.

Details

Reviewers

olce
markj
emaste

Summary

Disable address explosure while we are not in root

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 73838
Build 70721: arc lint + arc unit

Event Timeline

aokblast created this revision.Fri, Jun 12, 11:28 AM

Herald added subscribers: olce, imp. · View Herald TranscriptFri, Jun 12, 11:28 AM

aokblast requested review of this revision.Fri, Jun 12, 11:28 AM

Harbormaster completed remote builds in B73838: Diff 179641.Fri, Jun 12, 11:28 AM

I think this needs some discussion so I just put it in here.

Makes sense on a quick look. Preferably wait for others' feedbacks.

This revision is now accepted and ready to land.Fri, Jun 12, 2:44 PM

aokblast added reviewers: markj, emaste.Fri, Jun 12, 5:16 PM

Why? We do not randomize the kernel address space. There are many many ways to leak kernel pointers, this is just one of them.

In D57547#1319070, @markj wrote:

Why? We do not randomize the kernel address space. There are many many ways to leak kernel pointers, this is just one of them.

Yes, I think we should do this in future. Currently, reading /boot/kernel also leaks the address. But I think we should change it if possible.

Revision Contents
Changeset List

Path

Size

sys/

kern/

kern_linker.c

3 lines

Diff 179641

View Options

kern_linker: Do not reveal address without rootAcceptedPublicActions