Date: Wed, 4 Apr 2012 16:56:59 +0100 From: Mike Pumford <mpumford@mpcdata.com> Cc: <freebsd-stable@freebsd.org> Subject: Re: Text relocations in kernel modules Message-ID: <4F7C6F4B.1090205@mpcdata.com> In-Reply-To: <loom.20120404T165909-66@post.gmane.org> References: <CAGE5yCpuvsVrc-%2BDTVas-W4fjuP2s%2B6PQONMOTyEbGnj2CY3ig@mail.gmail.com> <4F766F29.2030803@cs.stonybrook.edu> <CAFHbX1KiZx68MP4bCAvPc0Zui3fA4O35_z3kP781zoJqLYp7Bw@mail.gmail.com> <4F79D88B.3040102@cs.stonybrook.edu> <CAFHbX1KE15G9gx7Duw2R8zC5jL1jiEir0yMB0-s5%2B4xx517WtQ@mail.gmail.com> <4F79E27E.3000509@cs.stonybrook.edu> <CAGE5yCrwLosuTT2yq0DEx%2Bz8ztKpkrB=tORmURcuh_SCz=L7qg@mail.gmail.com> <4F79FCB8.1090003@cs.stonybrook.edu> <CAGE5yCrz45AWeJGv=2UWRq7xpXZVtvsx%2B5O6cvaE6ZzoFrz5mA@mail.gmail.com> <4F7A05C4.9070808@cs.stonybrook.edu> <20120403170259.GA94837@neutralgood.org> <loom.20120404T103230-175@post.gmane.org> <1333550029.1090.67.camel@revolution.hippie.lan> <loom.20120404T165909-66@post.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
jb wrote: >> From the point of view of an attacker it does not matter whether kernel module > is loaded and linked once only. That's enough to create a window of opportunity > for interfering with relocation process and modifying text (code). > Well yes but said attacker has to be able to modify KERNEL memory to do it. If they can do that worrying about module relocations is pointless as they already own the machine. Mike
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4F7C6F4B.1090205>