[Ksummit-discuss] [TECH TOPIC] Kernel Hardening

Kees Cook keescook at chromium.org
Tue Aug 25 16:33:27 UTC 2015


On Tue, Aug 25, 2015 at 9:30 AM, Mark Brown <broonie at kernel.org> wrote:
> On Tue, Aug 25, 2015 at 09:15:32AM -0600, Shuah Khan wrote:
>> On Mon, Aug 24, 2015 at 10:35 AM, Kees Cook <keescook at chromium.org> wrote:
>
>> > I agree with the sentiment here, but not with the language. Finding
>> > flaws (which is what selftests, KASan, Trinity, etc. do) isn't
>> > hardening. Hardening is stopping the exploitation of flaws. The
>> > hardening the kernel needs is about taking away exploitation tools,
>> > not killing bugs. (Though killing bugs is still great.)
>
>> I agree with Kees on this. Kselftest or any other test suites can help
>> with regression testing and make sure the kernel works the way it should.
>> Also these tests can tell us if the kernel is hardened or not.
>
>> Hardening means something different to me, i.e. making sure the kernel
>> can protect against attacks and fail gracefully. This is something to
>> address during the design and development process.
>
> Testsuites can help here if we get into the habit of making sure they
> exercise error conditions; they're off to the side a bit but they can
> be a useful way of promoting good practice (at least in my experience).

Yeah, this is what I've done with a bunch of the newer tests in the
lkdtm module. They're designed to Oops the machine by performing
actions that should be caught by various mitigations (e.g. writing to
kernel text, executing userspace memory from the kernel, etc).

-Kees

-- 
Kees Cook
Chrome OS Security
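
The kind of test described in the message above, as an added userspace illustration in C (not lkdtm code and not from this thread): each forbidden action runs in a forked child, and the check passes only if the child is killed by SIGSEGV. All function names are hypothetical, Linux is assumed, and the read-only-data case goes beyond the actions named in the message.

```c
/* Added illustration: userspace analogue of a mitigation self-test. Not lkdtm code. */
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

typedef void (*action_fn)(void);                    /* hypothetical name */
static const unsigned char ro_byte[1] = { 0x41 };   /* constructed sample, placed in .rodata */

static void control_noop(void) { }                  /* control: nothing forbidden happens */

/* Forbidden action: store into this program's own text (mapped read+exec). */
static void write_to_text(void)
{
    volatile unsigned char *p = (volatile unsigned char *)(uintptr_t)&write_to_text;
    *p = *p;     /* same byte written back, so a missing protection changes nothing */
}

/* Forbidden action: store into read-only data. */
static void write_to_rodata(void)
{
    volatile unsigned char *p = (volatile unsigned char *)(uintptr_t)ro_byte;
    *p = 0x41;   /* same value; only the store itself matters */
}

/* Run the action in a child; return the fatal signal, 0 if it survived, -1 on error. */
static int fatal_signal_of(action_fn action)
{
    int status;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) { action(); _exit(0); }   /* _exit reached only if nothing stopped it */
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFSIGNALED(status) ? WTERMSIG(status) : 0;
}

int text_write_is_blocked(void)   { return fatal_signal_of(write_to_text) == SIGSEGV; }
int rodata_write_is_blocked(void) { return fatal_signal_of(write_to_rodata) == SIGSEGV; }
int control_survives(void)        { return fatal_signal_of(control_noop) == 0; }

int main(void)
{
    printf("control survives:     %d\n", control_survives());
    printf("text write blocked:   %d\n", text_write_is_blocked());
    printf("rodata write blocked: %d\n", rodata_write_is_blocked());
    return (text_write_is_blocked() && rodata_write_is_blocked()) ? 0 : 1;
}
```

A result of 0 from either check means the store completed without a fault, which is the regression such a test exists to catch.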

