Attacking hardened Linux systems with kernel JIT spraying
Posted Nov 19, 2012 16:00 UTC (Mon) by khim (subscriber, #9252)
In reply to: Attacking hardened Linux systems with kernel JIT spraying by cyanit
Parent article: Attacking hardened Linux systems with kernel JIT spraying
Well, if you wrote the kernel in a type-safe garbage-collected language (e.g. Java), then the static proof would be trivial since it is by construction impossible to violate the language invariants (assuming the VM and low-level support code is correct).
Unfortunately this small addition at the end makes the whole thing useless: simple interpreter modes for languages like Java are too slow, and thus the "VM and low-level support code" is typically comparable in complexity to an OS kernel (in some sense it is an OS kernel).
The real reason is that apparently nobody cares enough to do the work.
No. The real reason is that it takes time and does not pay.
Posted Nov 19, 2012 16:40 UTC (Mon) by drag (guest, #31333)
Posted Nov 20, 2012 3:07 UTC (Tue) by liam (guest, #84133)
Posted Nov 20, 2012 19:15 UTC (Tue) by mathstuf (subscriber, #69389)
I suppose that since there's a high chance of it happening, the question boils down to: "What wins when the decision is between ABI compatibility and provably secure?"
Attacking hardened Linux systems with kernel JIT spraying
There are parts of the kernel that are only touched rarely (ex. block/deadline-iosched, though there are probably better examples).
It seems as though this type of analysis might be a good long-term project.
Of course, if it is truly infeasible for any but the least interesting parts of the kernel then it is a waste of time.