Date: Wed, 8 Jun 2016 17:01:02 +0200
From: "O. Hartmann" <ohartman@zedat.fu-berlin.de>
To: FreeBSD CURRENT <freebsd-current@freebsd.org>
Subject: CURRENT: bhyve and Kernel SamePage Mergin
Message-ID: <20160608170102.6a0ee504.ohartman@zedat.fu-berlin.de>

A couple of days ago I received, as the person responsible for a couple of systems, a warning about the vulnerabilities of the mechanism called "Kernel SamePage Merging". At this year's IEEE symposium, a paper by Bosman et al., 2016, was submitted describing an attack on KSM. This technique, also referred to as memory/page deduplication, seems to be vulnerable by design under certain circumstances.

I guess the experts among the readers here already know, but I consider myself a non-expert and therefore I'd like to ask about the status of that kind of development in FreeBSD. I read about a project of last year's Google Summer of Code 2015 targeting KSM on FreeBSD.

In Linux, this deduplication technique has been implemented since kernel 2.6.38, and the Windows kernel has used this technique since Windows 8.1 and siblings (also Windows Server). We were strongly advised to disable those "features" in Windows clients, servers and Linux servers, if used.

Other papers describe successful attacks on memory contents and ASLR by misusing KSM. On Windows, mmap() entropy is 19 bits, on Linux usually 28 bits. And FreeBSD (if planned/used/already implemented?)?

If you are interested, I could provide links or PDFs of the papers I have already gathered about that subject (it is not much; simply google for "KSM FreeBSD" or "KSM deduplication ASLR").

Thanks in advance,

oh
