On Tue, Jan 21, 2014 at 6:20 AM, H. Peter Anvin <h...@zytor.com> wrote: > On 01/21/2014 01:00 AM, Peter Zijlstra wrote: >>> >>> So this is presumably something that needs to be fixed in perf? >> >> Where do we learn about the offset from userspace? > > Now this is tricky... if this offset is too easy to get it completely > defeats kASLR. On the other hand, I presume that if we are exporting > /proc/kcore we're not secure anyway. Kees, I assume that in "secure" > mode perf annotations simply wouldn't work anyway?
The goal scope of the kernel base address randomization is to keep it secret from non-root users, confined processes, and/or remote systems. For local secrecy, if you're running with kaslr and you haven't set kptr_restrict, dmesg_restrict, and perf_event_paranoid, that's a problem since you're likely leaking things trivially through /proc/kallsyms, dmesg, and/or perf. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
