* [kernel-hardening] For whoever's looking at memory santizing.. @ 2016-01-14 23:11 Valdis Kletnieks 2016-01-15 0:36 ` Hanno Böck 0 siblings, 1 reply; 4+ messages in thread From: Valdis Kletnieks @ 2016-01-14 23:11 UTC (permalink / raw) To: kernel-hardening [-- Attachment #1: Type: text/plain, Size: 284 bytes --] If you need a real-life example of why we should be doing it consistently: http://venturebeat.com/2016/01/13/nvidia-blames-apple-for-bug-that-exposes-porn-browsing-in-chromes-incognito-mode/ (Not taking sides on who failed to do it in this case - obviously *somebody* has ti do it) [-- Attachment #2: Type: application/pgp-signature, Size: 848 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [kernel-hardening] For whoever's looking at memory santizing.. 2016-01-14 23:11 [kernel-hardening] For whoever's looking at memory santizing Valdis Kletnieks @ 2016-01-15 0:36 ` Hanno Böck 2016-01-19 17:23 ` Kees Cook 0 siblings, 1 reply; 4+ messages in thread From: Hanno Böck @ 2016-01-15 0:36 UTC (permalink / raw) To: kernel-hardening [-- Attachment #1: Type: text/plain, Size: 559 bytes --] On Thu, 14 Jan 2016 18:11:09 -0500 Valdis Kletnieks <Valdis.Kletnieks@vt.edu> wrote: > If you need a real-life example of why we should be doing it > consistently: > > http://venturebeat.com/2016/01/13/nvidia-blames-apple-for-bug-that-exposes-porn-browsing-in-chromes-incognito-mode/ This article seems to be only about OS X. I hope it's no secret that this is a problem on Linux as well: https://hsmr.cc/palinopsia/ And from all I'm aware it's unfixed. -- Hanno Böck http://hboeck.de/ mail/jabber: hanno@hboeck.de GPG: BBB51E42 [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 819 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [kernel-hardening] For whoever's looking at memory santizing.. 2016-01-15 0:36 ` Hanno Böck @ 2016-01-19 17:23 ` Kees Cook 2016-01-25 23:33 ` Schaufler, Casey 0 siblings, 1 reply; 4+ messages in thread From: Kees Cook @ 2016-01-19 17:23 UTC (permalink / raw) To: Casey Schaufler; +Cc: kernel-hardening@lists.openwall.com On Thu, Jan 14, 2016 at 4:36 PM, Hanno Böck <hanno@hboeck.de> wrote: > On Thu, 14 Jan 2016 18:11:09 -0500 > Valdis Kletnieks <Valdis.Kletnieks@vt.edu> wrote: > >> If you need a real-life example of why we should be doing it >> consistently: >> >> http://venturebeat.com/2016/01/13/nvidia-blames-apple-for-bug-that-exposes-porn-browsing-in-chromes-incognito-mode/ > > This article seems to be only about OS X. > > I hope it's no secret that this is a problem on Linux as well: > https://hsmr.cc/palinopsia/ > > And from all I'm aware it's unfixed. I'm curious if this is fixable from the DRM layer, or if it's strictly driver-specific. Casey, could you bounce this toward some of the Intel graphics folks? While Intel isn't called out, I'm curious if there is still something that could be done in the general case... -Kees -- Kees Cook Chrome OS & Brillo Security ^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: [kernel-hardening] For whoever's looking at memory santizing.. 2016-01-19 17:23 ` Kees Cook @ 2016-01-25 23:33 ` Schaufler, Casey 0 siblings, 0 replies; 4+ messages in thread From: Schaufler, Casey @ 2016-01-25 23:33 UTC (permalink / raw) To: Kees Cook; +Cc: kernel-hardening@lists.openwall.com > -----Original Message----- > From: keescook@google.com [mailto:keescook@google.com] On Behalf Of > Kees Cook > Sent: Tuesday, January 19, 2016 9:24 AM > To: Schaufler, Casey <casey.schaufler@intel.com> > Cc: kernel-hardening@lists.openwall.com > Subject: Re: [kernel-hardening] For whoever's looking at memory santizing.. > > On Thu, Jan 14, 2016 at 4:36 PM, Hanno Böck <hanno@hboeck.de> wrote: > > On Thu, 14 Jan 2016 18:11:09 -0500 > > Valdis Kletnieks <Valdis.Kletnieks@vt.edu> wrote: > > > >> If you need a real-life example of why we should be doing it > >> consistently: > >> > >> http://venturebeat.com/2016/01/13/nvidia-blames-apple-for-bug-that- > exposes-porn-browsing-in-chromes-incognito-mode/ > > > > This article seems to be only about OS X. > > > > I hope it's no secret that this is a problem on Linux as well: > > https://hsmr.cc/palinopsia/ > > > > And from all I'm aware it's unfixed. > > I'm curious if this is fixable from the DRM layer, or if it's strictly > driver-specific. Casey, could you bounce this toward some of the Intel > graphics folks? While Intel isn't called out, I'm curious if there is > still something that could be done in the general case... The Intel graphics drivers (so I'm told) use memory allocated in the shmem layer, and hence can count on it being cleared. I don't know if that approach can be generalized, or if it would even be possible for other drivers. > -Kees > > -- > Kees Cook > Chrome OS & Brillo Security ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-01-25 23:33 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2016-01-14 23:11 [kernel-hardening] For whoever's looking at memory santizing Valdis Kletnieks 2016-01-15 0:36 ` Hanno Böck 2016-01-19 17:23 ` Kees Cook 2016-01-25 23:33 ` Schaufler, Casey
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.