All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jose Luis Marchetti <joseluismarchetti@yahoo.com.br>
To: linux-kernel@vger.kernel.org
Subject: Suggestions on process integrity checking
Date: Fri, 23 Apr 2010 09:48:19 -0700 (PDT)	[thread overview]
Message-ID: <111445.29577.qm@web34404.mail.mud.yahoo.com> (raw)

Hi,

I need to implement a process integrity check, this is to make sure that a process that is running at the time of checking was not corrupted since it was first loaded in memory.
I would appreciate suggestions on where I should implement this in the Linux kernel, my first outline of this work is:

1) Add a field to task_struct that would hold some sort of process digital signature, it could be a CRC32 of process code space, this is not defined yet.
2) For simplicity let us assume an elf file is being executed, in binfmt_elf.c I see the elf file program segments are mmap to the virtual addresses and no read is actually done there ( or am I wrong ?). Where the reading of program segments is actually being done.
3) When the program segments are read in memory I need to update the process digital signature.
4) Then there is the checking part, if the kernel have to perform this checking periodically, how/where do you suggest it to be implemented ?

I was not successful in finding any similar implementation on the Internet that I could base my work on, if you know of any, please let me know.

Thanks in advance for any suggestion.

José Luís Marchetti


      

                 reply	other threads:[~2010-04-23 16:55 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=111445.29577.qm@web34404.mail.mud.yahoo.com \
    --to=joseluismarchetti@yahoo.com.br \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.