From: Andi Kleen <andi@firstfloor.org>
To: Alexander.Kleinsorge@gmx.de
Cc: Andi Kleen <andi@firstfloor.org>, linux-kernel@vger.kernel.org
Subject: Re: Re: new module to check constant memory for corruption
Date: Sun, 13 Apr 2014 17:55:48 +0200 [thread overview]
Message-ID: <20140413155547.GD22728@two.firstfloor.org> (raw)
In-Reply-To: <trinity-516ff83e-4833-4dad-856a-dd0597993837-1397384072115@3capp-gmx-bs62>
> your question: there are no writes in this write protected adress range (e.g. kernel code).
It's actually not true, Linux changes r/o code. But you could
handle that by hooking into the right places.
> my idea is to calculate a checksum (xor is fastest) over this range and check later (periodically) if its unchanged.
> see source code download (5 KB): http://tauruz.homeip.net/ramcheck.tgz
> the code is working fine and the checksum is (as expected) constant (at least for many hours).
>
So is the goal security or reliability or debugging?
Reliability:
I have doubts it makes sense for that. On most system the code
is only a very small part of the total memory. So you wouldn't
cover most data.
Also if something corrupts the code we likely already detect it
eventually by crashing. Your module would need to panic too in this
case.
Security: If someone can change the code what stops them from changing
the checksum module too?
Also if you use a poor (= fast) checksum it's likely easy to construct
a valid patch that does not change the checksum.
Debugging:
Maybe, but I have never seen a bug where code got corrupted.
The user program technique works reasonably well for finding bad
pointers. Write a program that allocates a lot of memory. Regularly
checksum and recheck all its memory.
-Andi
next prev parent reply other threads:[~2014-04-13 15:55 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-13 1:33 new module to check constant memory for corruption Alexander.Kleinsorge
2014-04-13 3:00 ` Andi Kleen
2014-04-13 10:14 ` Aw: " Alexander.Kleinsorge
2014-04-13 10:26 ` Richard Weinberger
[not found] ` <trinity-99a290b9-30fa-464e-b67b-b8555d48011b-1397406377024@3capp-gmx-bs45>
2014-04-13 16:43 ` Richard Weinberger
2014-04-14 14:14 ` Jiri Kosina
2014-04-13 17:20 ` Aw: Re: " Alexander.Kleinsorge
2014-04-13 15:55 ` Andi Kleen [this message]
2014-04-13 16:22 ` Alexander.Kleinsorge
2014-04-14 8:03 ` Aw: " Alexander.Kleinsorge
2014-04-13 3:08 ` Valdis.Kletnieks
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140413155547.GD22728@two.firstfloor.org \
--to=andi@firstfloor.org \
--cc=Alexander.Kleinsorge@gmx.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox