Date: Wed, 8 Jun 2016 17:01:02 +0200 From: "O. Hartmann" <ohartman@zedat.fu-berlin.de> To: FreeBSD CURRENT <freebsd-current@freebsd.org> Subject: CURRENT: bhyve and Kernel SamePage Mergin Message-ID: <20160608170102.6a0ee504.ohartman@zedat.fu-berlin.de>
next in thread | raw e-mail | index | archive | help
--Sig_/rAnmWtY3eRQN8Zc6zhu0xfZ Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable A couple of days I got as a responsible personell for a couple of systems a= warning about the vulnerabilities of the mechanism called "Kernel SamePage Mergin". On th= is year's IEEE symposion there has been submitted a paper by Bosman et al., 2016, describi= ng an attack on KSM. This technique, also referred to as memory/page deduplication, seem= s to be vulnerable by design under certain circumstances. I guess the experts of th= e readers here do already know, but I consider myself a non-expert and therefore, I'd like= to ask about the status of that kind of development in FreeBSD. I read about a project o= f last year's Google Summer of Code 2015 targetting KSM on FreeBSD. In Linux, this deduplication techniques is implemented since kernel 2.6.38 = and Windows Kernel uses this techniques since Windows 8.1 and sibblings (also Windows S= erver). We were strongly advised to disable those "features" in Windows clients, serve= rs and Linux servers, if used. Other papers describe successful attacks on memory contents and ASLR by mis= using KSM. On Windows, mmap() entropy is 19bit, on Linux usually 28bit. And FreeBSD (if planned/used/already implemented?)?=20 If you are interested I could provide links or PDFs of the papers I already= gathered about that subject (it is not much, simply google for "KSM FReeBSD" or KSM = deduplication ASLR). Thanks in advance, oh --Sig_/rAnmWtY3eRQN8Zc6zhu0xfZ Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXWDMuAAoJEOgBcD7A/5N8Uj0IANpXcJh0VstTZpU9e8kLU7Jv E3VZGz6Q8NrV1+b3rqgeID8/8Nbq4/O0dSVaCXQmmOJfAO9vgbFxhZOman5jUbKh JnBSXTYjkKBAsS7oI/HK5/bdXdxNIvo8e+Z7Rwd85HrTFO3n7MaeZ6bSHKEobkQ9 f8dMjpAWtr2FC1QrjpfEl6FyKvJWMo7XzdLarn+h3d5NfG5xtLJwWE8z2Gf0IcW6 VScrzmyEylOH4Alk/asbh4qXl86BzL0wdmo0YeIk+Xb3Y8/v5/DU2XR+KS1KNxG7 md5o6Xp8pECtkMtxtPFnnnoOthI+OTPXc6hxgGalQGWSNEMeXu/jLec8b8Ckp6U= =sdIh -----END PGP SIGNATURE----- --Sig_/rAnmWtY3eRQN8Zc6zhu0xfZ--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160608170102.6a0ee504.ohartman>