From owner-freebsd-stable@FreeBSD.ORG Wed Apr 4 17:40:05 2012 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id A1EF3106567B for ; Wed, 4 Apr 2012 17:40:05 +0000 (UTC) (envelope-from lattera@gmail.com) Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id 506B88FC15 for ; Wed, 4 Apr 2012 17:40:05 +0000 (UTC) Received: by obbwc18 with SMTP id wc18so792842obb.13 for ; Wed, 04 Apr 2012 10:40:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=wHnDk5Hmd2aDiRPRQoDDS/JeQNseIDwpG2Jx//kVNBM=; b=NDgw+8aUZFb5DWmKuq1dfoaMljp1PBC5zh+SyXgwatwXreHHjU9flnGt5irLy+4Y8E 7DjaPuaksib2FkxDJ8+0UV/m68cMOqK/D2In783Jvasx5LxpZa8hEZN79MxzsZxiaRIy hM1K5Dbdn0yJZ/fuXP1kAOfZK8dDqII4sxJw3h1mrnG3sTGWEPxi+U06xVdDj1CjqWyw n4Hb4guADCzzxddZpcCuKIdUsjSZyX/Wac1wMQzoJRWploTr1p/61D8mxpVYNyhsJ8Ky 1TwB1xkIqqWjvAathgRkFMgevXYOmNGG/dhXH7wKcrKPRLFqpQGzOLyxgFmfZtXy4F4B e3Sw== MIME-Version: 1.0 Received: by 10.182.48.66 with SMTP id j2mr5176835obn.72.1333561204899; Wed, 04 Apr 2012 10:40:04 -0700 (PDT) Received: by 10.182.19.161 with HTTP; Wed, 4 Apr 2012 10:40:04 -0700 (PDT) Received: by 10.182.19.161 with HTTP; Wed, 4 Apr 2012 10:40:04 -0700 (PDT) In-Reply-To: References: <4F766F29.2030803@cs.stonybrook.edu> <4F79D88B.3040102@cs.stonybrook.edu> <4F79E27E.3000509@cs.stonybrook.edu> <4F79FCB8.1090003@cs.stonybrook.edu> <4F7A05C4.9070808@cs.stonybrook.edu> <20120403170259.GA94837@neutralgood.org> <1333550029.1090.67.camel@revolution.hippie.lan> Date: Wed, 4 Apr 2012 11:40:04 -0600 Message-ID: From: Shawn Webb To: jb Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-stable@freebsd.org Subject: Re: Text relocations in kernel modules X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2012 17:40:05 -0000 If there is malicious code in a kernel module, then discussions of relocations become moot. Sent from my Android 4.0 device. Please forgive any spelling or grammatical errors. On Apr 4, 2012 11:35 AM, "jb" wrote: > Peter Wemm wemm.org> writes: > > > ... > > There is no way to interfere because it is done outside of user space > > entirely, **after** the file has been copied out of the file system. > > You can do whatever you like to the file, but it has no effect because > > all the relocation is done in a private kernel copy. > > ... > > What if attack code (broadly understood) is part of module code, and is > based > on either or both of: > - hidden (as to meaning and reloc targets) arrangement of relocations > needed > - has an ability of (self) activation during load/link and *relocations* > process > already under the privilege of the kernel ? > > Is that possible at all ? > Would there be any protection against it (except giving up relocations as > an enabling vehicle) ? > > jb > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >