From: Daniel Micay <danielmicay@gmail.com>
To: kernel-hardening@lists.openwall.com
Cc: Peter Zijlstra <peterz@infradead.org>,
Kees Cook <keescook@chromium.org>,
Jeff Vander Stoep <jeffv@google.com>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
"linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
Jonathan Corbet <corbet@lwn.net>
Subject: Re: [kernel-hardening] Re: [PATCH 1/2] security, perf: allow further restriction of perf_event_open
Date: Thu, 04 Aug 2016 12:32:32 -0400 [thread overview]
Message-ID: <1470328352.22643.110.camel@gmail.com> (raw)
In-Reply-To: <20160804161000.GA11673@leverpostej>
[-- Attachment #1: Type: text/plain, Size: 2015 bytes --]
On Thu, 2016-08-04 at 17:10 +0100, Mark Rutland wrote:
> On Thu, Aug 04, 2016 at 11:44:28AM -0400, Daniel Micay wrote:
> >
> > Qualcomm's drivers might be lower quality than core kernel code, but
> > they're way above the baseline set by mainline kernel drivers...
>
> I don't think that's true for the arm/arm64 perf code.
The baseline architecture support is essentially core kernel code. I
agree it's much better than the SoC vendor code. You're spending a lot
of time auditing, fuzzing and improving the code in general, which is
not true for most drivers. They don't get that attention.
> I think we've done a reasonable job of testing and fixing those, along
> with core infrastructure issues. The perf fuzzer runs for a very long
> time on a mainline kernel without issues, while on my Nexus 5x I get a
> hard lockup after ~85 seconds (and prior to the last android update
> the
> lockup was instantaneous).
>
> From my personal experience (and as above), and talking specifically
> about PMU drivers, I think that the opposite is true. This is not to
> say
> there aren't issues; I would not be surprised if there are. But it's
> disingenuous to say that mainline code is worse than that which exists
> in a vendor kernel when the latter is demonstrably much easier to
> break
> than the former.
I wasn't talking specifically about perf.
> If there are issues you are aware of, please report them. If those
> issues only exist in non-upstream code, then the applicable concerns
> are
> somewhat different (though certainly still exist).
I'm not going to do volunteer work for a corporation. I've learned that
lesson after spending years doing it.
> But please, let's frame the argument to match reality.
The argument is framed in reality. Stating that it now often takes a few
hours to find a vulnerability with the unaltered, widely known public
perf fuzzer is not impressive. It's really an argument for claiming that
it's a significant security issue.
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 851 bytes --]
next prev parent reply other threads:[~2016-08-04 16:32 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-27 14:45 [kernel-hardening] [PATCH 1/2] security, perf: allow further restriction of perf_event_open Jeff Vander Stoep
2016-07-27 14:45 ` Jeff Vander Stoep
2016-07-27 20:43 ` [kernel-hardening] " Kees Cook
2016-08-02 9:52 ` [kernel-hardening] " Peter Zijlstra
2016-08-02 9:52 ` Peter Zijlstra
2016-08-02 13:04 ` [kernel-hardening] " Arnaldo Carvalho de Melo
2016-08-02 13:04 ` Arnaldo Carvalho de Melo
2016-08-02 13:10 ` [kernel-hardening] " Daniel Micay
2016-08-02 13:16 ` Daniel Micay
2016-08-02 19:04 ` Kees Cook
2016-08-02 20:30 ` Peter Zijlstra
2016-08-02 20:51 ` Kees Cook
2016-08-02 21:06 ` Jeffrey Vander Stoep
2016-08-03 8:28 ` Ingo Molnar
2016-08-03 12:28 ` Daniel Micay
2016-08-03 12:53 ` Daniel Micay
2016-08-03 13:36 ` Peter Zijlstra
2016-08-03 14:41 ` Peter Zijlstra
2016-08-03 15:42 ` Schaufler, Casey
2016-08-03 17:25 ` Eric W. Biederman
2016-08-03 17:25 ` Eric W. Biederman
2016-08-03 18:53 ` Kees Cook
2016-08-03 21:44 ` Peter Zijlstra
2016-08-04 2:50 ` Eric W. Biederman
2016-08-04 2:50 ` Eric W. Biederman
2016-08-04 9:11 ` Peter Zijlstra
2016-08-04 15:13 ` Eric W. Biederman
2016-08-04 15:13 ` Eric W. Biederman
2016-08-04 15:37 ` Peter Zijlstra
2016-08-03 19:36 ` Daniel Micay
2016-08-04 10:28 ` Mark Rutland
2016-08-04 13:45 ` Daniel Micay
2016-08-04 14:11 ` Peter Zijlstra
2016-08-04 15:44 ` Daniel Micay
2016-08-04 15:55 ` Peter Zijlstra
2016-08-04 16:10 ` Mark Rutland
2016-08-04 16:32 ` Daniel Micay [this message]
2016-08-04 17:09 ` Mark Rutland
2016-08-04 17:36 ` Daniel Micay
2016-08-02 21:16 ` Jeffrey Vander Stoep
2016-10-17 13:44 ` [kernel-hardening] " Mark Rutland
2016-10-17 14:54 ` Daniel Micay
2016-10-19 9:41 ` Mark Rutland
2016-10-19 15:16 ` Daniel Micay
2016-10-18 20:48 ` Kees Cook
2016-10-18 21:15 ` Daniel Micay
2016-10-19 9:56 ` Mark Rutland
2016-10-19 10:01 ` Peter Zijlstra
2016-10-19 10:26 ` Arnaldo Carvalho de Melo
2016-10-19 10:40 ` Peter Zijlstra
2016-10-19 15:39 ` Daniel Micay
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1470328352.22643.110.camel@gmail.com \
--to=danielmicay@gmail.com \
--cc=acme@kernel.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=corbet@lwn.net \
--cc=jeffv@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=peterz@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.