Quotes of the week [LWN.net]

Quotes of the week

Posted Jun 14, 2012 15:39 UTC (Thu) by PaXTeam (guest, #24616)
In reply to: Quotes of the week by nevets
Parent article: Quotes of the week

> If you're going to modify the kernel, might as well just install x86_64 instead.

it's an existing kernel config option, nothing needs to be modified.

> Linux never bother with much of the segmentation crap that i386 uses to begin with.

pre 2.0 (iirc) task switching? set_fs()? TLS? ;)

> Sure, it separates userspace from kernel space,

nope, (vanilla) linux uses flat segments, there's no separation at the segment level.

> but it does nothing to protect one task from another. Page tables are used for that purpose.

true but what's that matter here? ;)

> Show me one security errata that was the result of removing segmentation from x86. And I mean for Linux.

every single kernel-dereferences-unintended-userland-pointer bug (something that UDEREF in PaX protects against if you want to see how it's done properly). and asking for actual security errata when the declared policy from high up is to actively suppress them is... too funny if it wasn't so sad at the same time :P. in any case, http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=linux+ker... should get you started.

to post comments

Quotes of the week

Posted Jun 14, 2012 16:11 UTC (Thu) by nevets (subscriber, #11875) [Link] (3 responses)

> it's an existing kernel config option, nothing needs to be modified.

Modifying config options does modify the kernel. Do you need to recompile?

> pre 2.0 (iirc) task switching? set_fs()? TLS? ;)

I started working with 2.0, so I should never had said 'never' ;-)

Yeah, I knew about TLS, that's why I said 'much of segmentation', instead of saying 'any of segmentation'.

> nope, (vanilla) linux uses flat segments, there's no separation at the segment level.

Ah sorry, was thinking that it did. It's been a while since I've actually worked with segments. I know the kernel was not limited against accessing userspace, but I was thinking that userspace had the added protection of segments to protect against accessing the kernel.

> when the declared policy from high up is to actively suppress them is... too funny if it wasn't so sad at the same time

Are you saying that since Linux uses a flat segment space that the bugs happen for both i386 and x86_64?

Quotes of the week

Posted Jun 14, 2012 16:23 UTC (Thu) by PaXTeam (guest, #24616) [Link] (2 responses)

> Modifying config options does modify the kernel. Do you need to recompile?

i think for most people (esp. kernel devs) modify = patch, and not 'reconfigure'. but for all i care, i got the point across :).

> but I was thinking that userspace had the added protection of segments to protect against accessing the kernel.

even if the default segments were set up this way, there's modify_ldt and TLS to get around them.

> Are you saying that since Linux uses a flat segment space that the bugs happen for both i386 and x86_64?

yes (if 'happen' = 'are exploitable'). UDEREF on i386 uses segmentation to prevent exactly this class of bugs from becoming exploitable beyond DoS.

Quotes of the week

Posted Jun 14, 2012 16:38 UTC (Thu) by nevets (subscriber, #11875) [Link] (1 responses)

> yes (if 'happen' = 'are exploitable'). UDEREF on i386 uses segmentation to prevent exactly this class of bugs from becoming exploitable beyond DoS.

Which goes back to my original point. Why run vanilla Linux i386 on x86_64. It's better to just run x86_64 kernel with a i386 userspace, then an i386 kernel if you have extended RAM.

Quotes of the week

Posted Jun 14, 2012 18:11 UTC (Thu) by PaXTeam (guest, #24616) [Link]

sure, an amd64 kernel manages more RAM in a better way but you had a (rhetorical?) question as to why would someone still stick to i386, i just gave you one possible reason (better kernel self-defense), that's all :).