From: Arvid Brodin <Arvid.Brodin@xdin.com>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
Cyrill Gorcunov <gorcunov@openvz.org>,
David Rientjes <rientjes@google.com>,
"Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: fs/proc/base.c: text md5sums; tgid vs tid; and INF vs ONE?
Date: Thu, 1 Nov 2012 20:22:07 +0000 [thread overview]
Message-ID: <5092D9EE.80009@xdin.com> (raw)
In-Reply-To: <20121030212217.GD2616@ZenIV.linux.org.uk>
On 2012-10-30 22:22, Al Viro wrote:
> On Tue, Oct 30, 2012 at 09:02:33PM +0000, Arvid Brodin wrote:
>
>> +config PROC_TEXT_MD5SUM
>> + bool "/proc/<pid>/text_md5sum support"
>> + depends on PROC_FS
>> + select CRYPTO
>> + select CRYPTO_MD5
>> + help
>> + Read /proc/<pid>/text_md5sum to get the kernel to perform an MD5
>> + checksum over the process' text segment and print the result. Can be
>> + used to make sure a process' code has not been tampered with.
>
> Sorry, but this is pointless. Any attacker capable of modifying the code
> will be just as capable of modifying pointers to functions in data segment.
> IOW, you are not making sure of anything useful.
On 2012-10-30 22:23, Cyrill Gorcunov wrote:
> I don't think this increments security by any means. start/end-code are rather
> informative fields which are set when program being started, so one can ptrace
> it, alloc new exec area, put evil code there, tuneup cs:ip and restore original
> program contents, you won't even notice that.
You are both correct of course. Actually, I was kind of sloppy when I wrote the
Kconfig help text. The following more accurately describes the intended use. Would
this make the patch more acceptable?
+config PROC_TEXT_MD5SUM
+ bool "/proc/<pid>/text_md5sum support"
+ depends on PROC_FS
+ select CRYPTO
+ select CRYPTO_MD5
+ help
+ Read /proc/<pid>/text_md5sum to get the kernel to perform an MD5
+ checksum over the process' text segment and print the result. This
+ can detect some cases where the system RAM has been disturbed by
+ e.g. EMC or cosmic radiation (on systems where ECC is not available).
+ It might also detect some accidental or malicious modifications of
+ executables, where the perpetrator has not bothered to cover up the
+ tracks.
--
Arvid Brodin | Consultant (Linux)
XDIN AB | Knarrarnäsgatan 7 | SE-164 40 Kista | Sweden | xdin.com
next prev parent reply other threads:[~2012-11-01 20:30 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-10-30 21:02 fs/proc/base.c: text md5sums; tgid vs tid; and INF vs ONE? Arvid Brodin
2012-10-30 21:22 ` Al Viro
2012-11-01 20:22 ` Arvid Brodin [this message]
2012-10-30 21:23 ` Cyrill Gorcunov
2012-10-30 22:45 ` Eric W. Biederman
2012-11-01 20:29 ` Arvid Brodin
2012-11-02 22:49 ` Arvid Brodin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5092D9EE.80009@xdin.com \
--to=arvid.brodin@xdin.com \
--cc=akpm@linux-foundation.org \
--cc=ebiederm@xmission.com \
--cc=gorcunov@openvz.org \
--cc=linux-kernel@vger.kernel.org \
--cc=rientjes@google.com \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.