From owner-freebsd-security@FreeBSD.ORG Thu Sep 12 19:35:23 2013
In-Reply-To: <20130912183206.GK68682@funkthat.com>
References: <20130912053559.GF68682@funkthat.com> <979901F9-5F25-4DF1-95A8-32473C55B25F@gmail.com> <20130912183206.GK68682@funkthat.com>
Date: Thu, 12 Sep 2013 09:35:21 -1000
Subject: Re: FreeBSD Transient Memory problem?
From: Jonathon Wright
To: My Email, "freebsd-security@freebsd.org"

I'm looking into it now, I'm sure I'll have more questions, thanks for the
starting point though!

On Thu, Sep 12, 2013 at 8:32 AM, John-Mark Gurney wrote:

> My Email wrote this message on Thu, Sep 12, 2013 at 07:49 -1000:
> > My apologies, I have been replying to all, I hope that is the correct
> > method.
> >
> > Anyway, that is very interesting information. I'd be extremely
> > interested in information on customizing malloc and jemalloc. Let me
> > know where to start. Thanks!
>
> For jemalloc, look at man malloc: opt.junk
>
> for kernel malloc, look at sys/kern_malloc.c.. It doesn't look like
> there is a knob to turn on kernel malloc filling, but it wouldn't be
> hard...
>
> Though the performance impact of junk filling is very significant...
>
> > On Sep 11, 2013, at 7:35 PM, John-Mark Gurney wrote:
> >
> > > Jonathon Wright wrote this message on Wed, Sep 11, 2013 at 14:15 -1000:
> > >> I have posted this question (username-scryptkiddy) in the forums:
> > >> http://forums.freebsd.org/showthread.php?t=41875
> > >> but was suggested to bring it here to the mailing list for discussion.
> > >>
> > >> Basically, FreeBSD 8.3 (64bit) is what we use in our shop. We were
> > >> inspected by a security team and they had issues with FreeBSD's memory
> > >> management.
> > >>
> > >> Namely the transient memory and object reuse areas of FreeBSD. They
> > >> claimed that FreeBSD did not have a Common Criteria (EAL1-4)
> > >> evaluation completed, and therefore was vulnerable to the Transient
> > >> memory problem.
> > >
> > > Any system that uses malloc will have difficulties with this as most
> > > versions of free will not zero out the memory... You could make
> > > modifications to kernel malloc to always zero memory on free, and turn
> > > on the junk feature of jemalloc and that could possibly close this
> > > issue for them...
> > >
> > >> Our higher ups need some sort of documentation / testing that can be
> > >> used to counter this, since changing Operating Systems is not
> > >> something we have time / manpower to do, but might have to based on
> > >> this supposed 'finding'.
> > >>
> > >> The post has all the details. Let me know if I need to repost in this
> > >> as well.
> > >
> > > I know that FreeBSD 4.7 and 4.9 have been EAL3 certified. I worked for
> > > nCircle a number of years ago, and they got their products EAL3
> > > certified.
> > >
> > > Link:
> > > http://www.commoncriteriaportal.org:80/files/epfiles/nCircle%20CR%20v1.0.pdf
> > >
> > > It is possible someone else has received certification on a newer
> > > version, but I'm not aware of any at this time...
>
> --
> John-Mark Gurney                              Voice: +1 415 225 5579
>
>      "All that I will do, has been done, All that I have, has not."
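
The object-reuse behaviour discussed in this thread (free leaving old contents in place, versus zeroing memory on free), shown as an added example that is not code from any poster or from FreeBSD. It uses a toy fixed-size allocator; the names pool_alloc, pool_free and zero_on_free are hypothetical and the secret string is constructed sample data.

```c
#include <stdio.h>
#include <string.h>
#define SLOT_SIZE 64
#define NSLOTS 4
struct pool {                 /* toy fixed-size allocator; all names are hypothetical */
    unsigned char mem[NSLOTS][SLOT_SIZE];
    int free_stack[NSLOTS];   /* LIFO free list: last freed slot is reused first */
    int nfree;
    int zero_on_free;         /* the "always zero memory on free" knob */
};

void pool_init(struct pool *p, int zero_on_free) {
    memset(p, 0, sizeof *p);
    for (int i = 0; i < NSLOTS; i++) p->free_stack[i] = NSLOTS - 1 - i;
    p->nfree = NSLOTS;
    p->zero_on_free = zero_on_free;
}

void *pool_alloc(struct pool *p) {  /* like malloc: old contents are not cleared */
    return p->nfree ? p->mem[p->free_stack[--p->nfree]] : NULL;
}

void pool_free(struct pool *p, void *ptr) {
    unsigned char *b = ptr;
    if (p->zero_on_free) {
        volatile unsigned char *v = b;  /* volatile: the wipe must not be optimized out */
        for (size_t i = 0; i < SLOT_SIZE; i++) v[i] = 0;
    }
    p->free_stack[p->nfree++] = (int)((b - (unsigned char *)p->mem) / SLOT_SIZE);
}

/* Bytes of `secret` still readable by the next owner of the same slot. */
size_t residue_after_reuse(int zero_on_free, const char *secret) {
    struct pool p;
    size_t n = strlen(secret), leaked = 0;
    pool_init(&p, zero_on_free);
    if (n > SLOT_SIZE) n = SLOT_SIZE;
    unsigned char *a = pool_alloc(&p);
    memcpy(a, secret, n);               /* first owner stores sensitive data */
    pool_free(&p, a);
    unsigned char *b = pool_alloc(&p);  /* second owner receives the same slot */
    for (size_t i = 0; i < n; i++) leaked += (b[i] == (unsigned char)secret[i]);
    return leaked;
}

int main(void) {
    const char *s = "constructed-secret";  /* constructed sample data */
    printf("no wipe: %zu leaked; wipe on free: %zu leaked\n",
           residue_after_reuse(0, s), residue_after_reuse(1, s));
    return 0;
}
```

The per-free wipe loop touches every byte of every released slot, which is where the performance cost mentioned in the thread comes from.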