Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752792AbcDFShM (ORCPT ); Wed, 6 Apr 2016 14:37:12 -0400 Received: from mail-wm0-f42.google.com ([74.125.82.42]:38847 "EHLO mail-wm0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752391AbcDFShK (ORCPT ); Wed, 6 Apr 2016 14:37:10 -0400 MIME-Version: 1.0 In-Reply-To: References: <1459947782-5071-1-git-send-email-ed@abdsec.com> <5e5e7c7ced7bede343530ed1447d7453@abdsec.com> Date: Wed, 6 Apr 2016 11:37:02 -0700 X-Google-Sender-Auth: Nj9OeynFfDek1c2V5G9Zy97lGxc Message-ID: Subject: Re: [PATCH] KERNEL: resource: Fix bug on leakage in /proc/iomem file From: Kees Cook To: Linus Torvalds Cc: Emrah Demir , Dan Rosenberg , Dave Jones , Kernel Hardening , Linux Kernel Mailing List Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 845 Lines: 23 On Wed, Apr 6, 2016 at 11:31 AM, Linus Torvalds wrote: > On Wed, Apr 6, 2016 at 11:05 AM, wrote: >> >> Most distros don't use KASLR, but they use kptr_restrict. Without KASLR, >> kptr_restirct most likely useless. > > Well, yes kaslr is effectively useless right now due to the fact that > people still use hibernation in effectively every single distro out > there. At some point I'd like to see if distros would be interested in inverting the default logic (maybe with a CONFIG to avoid changing the current behavior) where instead of needing to put "kaslr" on the command line to prefer kaslr over hibernation, end users would need to add "nokaslr" to perfer hibernation for that boot. (Bike shed config name: CONFIG_RANDOMIZE_BASE_ENABLED.) -Kees -- Kees Cook Chrome OS & Brillo Security