On 11/04/16 19:03, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen at boot-time. Until now, hibernation
On 11/04/16 19:03, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen at boot-time. Until now, hibernation
>>> was selected when
On Mon, Apr 11, 2016 at 11:21 AM, Geert Uytterhoeven
wrote:
> On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
>> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>>> On 06/04/16 20:44, Kees Cook wrote:
When building
On Mon, Apr 11, 2016 at 11:21 AM, Geert Uytterhoeven
wrote:
> On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
>> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>>> On 06/04/16 20:44, Kees Cook wrote:
When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
one or
On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen
On Mon, Apr 11, 2016 at 8:03 PM, Kees Cook wrote:
> On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
>> On 06/04/16 20:44, Kees Cook wrote:
>>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> one or the other must be chosen at boot-time. Until now, hibernation
>>>
On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
> Hi Kees,
>
> On 06/04/16 20:44, Kees Cook wrote:
>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> one or the other must be chosen at boot-time. Until now, hibernation
>> was selected when no
On Mon, Apr 11, 2016 at 1:00 AM, James Morse wrote:
> Hi Kees,
>
> On 06/04/16 20:44, Kees Cook wrote:
>> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> one or the other must be chosen at boot-time. Until now, hibernation
>> was selected when no choice was made on the
Hi Kees,
On 06/04/16 20:44, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more
Hi Kees,
On 06/04/16 20:44, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more
* Rafael J. Wysocki wrote:
> [...]
>
> One of the weak points is the final jump, because it has to be done to the
> physical location of the image kernel's entry point even though the virtual
> addresses of it may differ between the boot and the image kernels. The seed
>
* Rafael J. Wysocki wrote:
> [...]
>
> One of the weak points is the final jump, because it has to be done to the
> physical location of the image kernel's entry point even though the virtual
> addresses of it may differ between the boot and the image kernels. The seed
> is
> not needed
* Kees Cook wrote:
> >> I don't think this is a good idea, as it turns off emergency hibernation
> >> of
> >> laptops - many desktop distros support it by default.
> >
> > Right, I forgot about this one.
>
> When I last checked Ubuntu doesn't enable hibernation by
* Kees Cook wrote:
> >> I don't think this is a good idea, as it turns off emergency hibernation
> >> of
> >> laptops - many desktop distros support it by default.
> >
> > Right, I forgot about this one.
>
> When I last checked Ubuntu doesn't enable hibernation by default any more:
>
On wo, 2016-04-06 at 15:16 -0700, Kees Cook wrote:
> And it seems like Fedora either doesn't either, or has a lot of people
> for whom it doesn't work:
> https://bugzilla.redhat.com/show_bug.cgi?id=1206936
> https://bugzilla.redhat.com/show_bug.cgi?id=1224151
>
On wo, 2016-04-06 at 15:16 -0700, Kees Cook wrote:
> And it seems like Fedora either doesn't either, or has a lot of people
> for whom it doesn't work:
> https://bugzilla.redhat.com/show_bug.cgi?id=1206936
> https://bugzilla.redhat.com/show_bug.cgi?id=1224151
>
On Wed, Apr 6, 2016 at 11:52 PM, Ingo Molnar wrote:
>
> * Ingo Molnar wrote:
>
>>
>> * Kees Cook wrote:
>>
>> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
>> > wrote:
>> > > On Wed, Apr 6, 2016 at
On Wed, Apr 6, 2016 at 11:52 PM, Ingo Molnar wrote:
>
> * Ingo Molnar wrote:
>
>>
>> * Kees Cook wrote:
>>
>> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
>> > wrote:
>> > > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>> > >>
>> > >> Why is kASLR incompatible with hibernation? We
On Wed, Apr 6, 2016 at 3:04 PM, Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>>
>> * Rafael J. Wysocki wrote:
>>
>>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>>> > When
On Wed, Apr 6, 2016 at 3:04 PM, Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>>
>> * Rafael J. Wysocki wrote:
>>
>>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>>> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>>> > one or the
On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>
> * Rafael J. Wysocki wrote:
>
>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> > one or the other
On Wed, Apr 6, 2016 at 11:56 PM, Ingo Molnar wrote:
>
> * Rafael J. Wysocki wrote:
>
>> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
>> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
>> > one or the other must be chosen at boot-time. Until now, hibernation
>> > was
* Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> > one or the other must be chosen at boot-time. Until now, hibernation
> > was selected when no
* Rafael J. Wysocki wrote:
> On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> > When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> > one or the other must be chosen at boot-time. Until now, hibernation
> > was selected when no choice was made on the command line.
> >
> >
* Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> > wrote:
> > > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> > >>
> > >> Why is kASLR
* Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
> > On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> > wrote:
> > > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> > >>
> > >> Why is kASLR incompatible with hibernation? We can hibernate have
> > >> 4.3 kernel resume hibernation image
On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the
On Wed, Apr 6, 2016 at 9:44 PM, Kees Cook wrote:
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR
* Kees Cook wrote:
> On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> wrote:
> > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> >>
> >> Why is kASLR incompatible with hibernation? We can hibernate have
> >> 4.3 kernel
* Kees Cook wrote:
> On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
> wrote:
> > On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
> >>
> >> Why is kASLR incompatible with hibernation? We can hibernate have
> >> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
> >> have
On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
wrote:
> On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>>
>> Why is kASLR incompatible with hibernation? We can hibernate have
>> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
On Wed, Apr 6, 2016 at 1:56 PM, Linus Torvalds
wrote:
> On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>>
>> Why is kASLR incompatible with hibernation? We can hibernate have
>> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
>> have patches for x86). Resuming kernel
On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>
> Why is kASLR incompatible with hibernation? We can hibernate have
> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
> have patches for x86). Resuming kernel with different randomization
> does not look that
On Wed, Apr 6, 2016 at 1:17 PM, Pavel Machek wrote:
>
> Why is kASLR incompatible with hibernation? We can hibernate have
> 4.3 kernel resume hibernation image of 4.2 kernel (on x86-64, and I
> have patches for x86). Resuming kernel with different randomization
> does not look that much
Hi!
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more widely available to end
> users (since
Hi!
> When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
> one or the other must be chosen at boot-time. Until now, hibernation
> was selected when no choice was made on the command line.
>
> To make the security benefits of kASLR more widely available to end
> users (since
When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
one or the other must be chosen at boot-time. Until now, hibernation
was selected when no choice was made on the command line.
To make the security benefits of kASLR more widely available to end
users (since the use of
When building with both CONFIG_HIBERNATION and CONFIG_RANDOMIZE_BASE,
one or the other must be chosen at boot-time. Until now, hibernation
was selected when no choice was made on the command line.
To make the security benefits of kASLR more widely available to end
users (since the use of
38 matches
Mail list logo