LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Attacking hardened Linux systems with kernel JIT spraying

Attacking hardened Linux systems with kernel JIT spraying

Posted Nov 19, 2012 16:00 UTC (Mon) by khim (subscriber, #9252)
In reply to: Attacking hardened Linux systems with kernel JIT spraying by cyanit
Parent article: Attacking hardened Linux systems with kernel JIT spraying

Well, if you wrote the kernel in a type-safe garbage-collected language (e.g. Java), then the static proof would be trivial since it is by construction impossible to violate the language invariants (assuming the VM and low-level support code is correct).

Unfortunately this small addition at the end makes the whole thing useless: simple interpreter mode for languages like Java are too slow and thus "VM and low-level support code" is typically comparable in complexity to OS kernel (in some sense it is an OS kernel).

The real reason is that apparently nobody cares enough to do the work.

No. The real reason is that it takes time and does not pay.

(Log in to post comments)

Attacking hardened Linux systems with kernel JIT spraying

Posted Nov 19, 2012 16:40 UTC (Mon) by drag (subscriber, #31333) [Link]

It's better to have buggy code that works now then it is to have something that may work in 30 years.

Attacking hardened Linux systems with kernel JIT spraying

Posted Nov 20, 2012 3:07 UTC (Tue) by liam (subscriber, #84133) [Link]

Is there any reason why this work couldn't be done it parallel with kernel development?
There are parts of the kernel that are only touched rarely (ex. block/deadline-iosched, though there are probably better examples).
It seems as though this type of analysis might be good long term project.
Of course, if it is truly infeasible for any but the least interesting parts of the kernel then it is a waste of time.

Attacking hardened Linux systems with kernel JIT spraying

Posted Nov 20, 2012 19:15 UTC (Tue) by mathstuf (subscriber, #69389) [Link]

> Of course, if it is truly infeasible for any but the least interesting parts of the kernel then it is a waste of time.

I suppose that since there's a high chance of it happening, the question boils down to: "What wins when the decision is between ABI compatibility and provably secure?"

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds