From owner-freebsd-stable@FreeBSD.ORG Wed Apr 4 15:57:08 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A4062106566B for ; Wed, 4 Apr 2012 15:57:08 +0000 (UTC) (envelope-from mpumford@mpcdata.com) Received: from owa.bsquare.com (vpn.bsquare.com [12.107.117.66]) by mx1.freebsd.org (Postfix) with ESMTP id 715A28FC18 for ; Wed, 4 Apr 2012 15:57:08 +0000 (UTC) Received: from [10.150.16.163] (81.2.99.171) by BREAL.camelot.bsquare.com (192.168.100.67) with Microsoft SMTP Server (TLS) id 14.1.218.12; Wed, 4 Apr 2012 08:57:02 -0700 Message-ID: <4F7C6F4B.1090205@mpcdata.com> Date: Wed, 4 Apr 2012 16:56:59 +0100 From: Mike Pumford User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20120322 Firefox/12.0 SeaMonkey/2.9 MIME-Version: 1.0 CC: References: <4F766F29.2030803@cs.stonybrook.edu> <4F79D88B.3040102@cs.stonybrook.edu> <4F79E27E.3000509@cs.stonybrook.edu> <4F79FCB8.1090003@cs.stonybrook.edu> <4F7A05C4.9070808@cs.stonybrook.edu> <20120403170259.GA94837@neutralgood.org> <1333550029.1090.67.camel@revolution.hippie.lan> In-Reply-To: Content-Type: text/plain; charset="ISO-8859-1"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [81.2.99.171] Subject: Re: Text relocations in kernel modules X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2012 15:57:08 -0000 jb wrote: >> From the point of view of an attacker it does not matter whether kernel module > is loaded and linked once only. That's enough to create a window of opportunity > for interfering with relocation process and modifying text (code). > Well yes but said attacker has to be able to modify KERNEL memory to do it. If they can do that worrying about module relocations is pointless as they already own the machine. Mike