Date: Mon, 8 Jan 2024 09:44:22 -0800
From: Kees Cook
To: Jasper Niebuhr
Cc: linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, "dave.hansen@linux.intel.com", "luto@amacapital.net", hpa@zytor.com, Linus Torvalds
Subject: Re: Post Compile-Time RandStruct
Message-ID: <202401080942.9729377F@keescook>

On Fri, Dec 29, 2023 at 11:57:57AM +0100, Jasper Niebuhr wrote:
> Unfortunately, debug information turned out to be inaccurate and
> incomplete at times. Combined with the kernel's quadrillion edge
> cases, this prevented me from taking the prototype any further until
> the deadline. We can see this concept fully shine with, for example, a
> compiler plugin to log any accesses, instead of a tool that deals with
> debug info. The second part of the prototype (or a mature, later
> version of it) can be integrated into distro installers or run
> whenever the kernel is updated. Even integration into the kernel's
> boot process would be an option.

Have you tried the Clang implementation of randstruct? It has correct
DWARF info, AFAIK.

> Since I am now in the writing phase of my thesis (deadline mid
> January), I thought I'd share our thoughts to hopefully get some
> feedback. Do you think this approach solves some of the issues that
> RandStruct currently comes with? Can you see such a system actually
> being deployed once it's fully functional?

Most distros don't use randstruct because it doesn't really do much
given their identical kernel images, so I'd love to see this kind of
work happen at run-time, and I think distro images would embrace it.

I look forward to seeing the research!

-Kees

-- 
Kees Cook