[Ksummit-discuss] late self-nomination

Andy Lutomirski luto at amacapital.net
Tue Aug 2 17:28:43 UTC 2016


On Tue, Aug 2, 2016 at 10:23 AM, Michael S. Tsirkin <mst at redhat.com> wrote:
> Hi folks!
>
> Likely too late, but oh well.
> I would like to self-nominate for kernel summit this year.
>
> I am the maintainer of the virtio subsystem, and within KVM, of the PC
> and PCI subsystems.  Internally within Red Hat I'm a tech lead for the
> team handling the networking for VMs.
>
> I would like to participate in self-hardening to see whether
> hypervisor extensions (like e.g. kernel guard technology)
> can benefit that project,

This isn't quite on-topic, but I suggested something that I think
would be useful last year (possibly off-list -- I don't remember):

On x86 with VMX, the EPT page tables have separate R, W, and X bits.
If a hypervisor were to limit the guest physical address space to the
lower half (high bit always clear) and then alias all of it with the
high guest physical address bit set and R clear, then the guest could
use the high physical address bit as an effective R bit.  That would
allow PROT_WRITE, PROT_EXEC, and PROT_WRITE|PROT_EXEC mappings to work
without granting read access.

Doing this would provide some protection against attacks that use a
wild read to scan for code or data structures at otherwise
unpredictable addresses or to blindly search for ROP gadgets.
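
A small C model of the aliasing scheme described in the message above, added here as an illustration; it is not part of the original email and not code from any hypervisor. Assumptions: a 40-bit guest physical address space (so bit 39 is the alias bit), the made-up `HOST_BASE` offset, and the `ACC_*` names; `ept_perms_valid` goes beyond the message and encodes the Intel SDM's EPT-misconfiguration rules for the permission bits, under which a leaf with W set and R clear is rejected and an execute-only leaf needs the execute-only capability.

```c
#include <stdbool.h>
#include <stdint.h>

/* EPT leaf permission bits (Intel SDM): bit 0 read, bit 1 write, bit 2 execute. */
#define EPT_R 0x1ull
#define EPT_W 0x2ull
#define EPT_X 0x4ull

/* ASSUMPTION: the guest is given 40 physical address bits, so bit 39 is the
 * "high bit" selecting the no-read alias. HOST_BASE is a made-up host offset. */
#define NOREAD_BIT (1ull << 39)
#define HOST_BASE  0x100000000ull

enum { ACC_READ = 1, ACC_WRITE = 2, ACC_EXEC = 4 }; /* hypothetical access kinds */

/* Hypervisor side: EPT leaf for a guest-physical page. Both halves resolve to
 * the same host frame; the high alias takes alias_perms with R forced clear. */
static uint64_t ept_leaf(uint64_t gpa, uint64_t alias_perms)
{
    uint64_t frame = HOST_BASE + (gpa & ~NOREAD_BIT & ~0xfffull);
    uint64_t perms = (gpa & NOREAD_BIT) ? (alias_perms & ~EPT_R)
                                        : (EPT_R | EPT_W | EPT_X);
    return frame | perms;
}

/* Intel SDM EPT-misconfiguration rules for the permission bits: W without R
 * is never valid; X without R needs the execute-only capability. */
static bool ept_perms_valid(uint64_t leaf, bool exec_only_ok)
{
    if (leaf & EPT_R) return true;
    return !(leaf & EPT_W) && (!(leaf & EPT_X) || exec_only_ok);
}

/* Guest side: choose which alias goes into the guest PTE for a mapping. */
static uint64_t guest_target(uint64_t gpa_low, int prot)
{
    return (prot & ACC_READ) ? gpa_low : (gpa_low | NOREAD_BIT);
}

/* Would the EPT leaf permit this access through the given guest-physical address? */
static bool ept_allows(uint64_t gpa, uint64_t alias_perms, int access)
{
    return (ept_leaf(gpa, alias_perms) & (uint64_t)access) == (uint64_t)access;
}

int main(void)
{
    uint64_t gpa = guest_target(0x200000, ACC_EXEC); /* execute-only mapping */
    return (ept_allows(gpa, EPT_X, ACC_EXEC) && !ept_allows(gpa, EPT_X, ACC_READ)) ? 0 : 1;
}
```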

