Reply to post: Re: It doesn't matter that it doesn't relocate in RAM while running

NetBSD, OpenBSD improve kernel security, randomly

patrickstar

Re: It doesn't matter that it doesn't relocate in RAM while running

The 'common interface point' is the syscall interface. This doesn't have to reveal anything about the underlying memory layout, any kernel addresses, etc. In fact, when it does, it's considered a security issue and fixed.

See my earlier posting giving an example of a kernel address leak via a syscall. This turned into https://nvd.nist.gov/vuln/detail/CVE-2017-14954

Syscalls on x86/64 are typically done via the 'syscall' instruction (or the classic way of using a software interrupt, e.g. int 0x80 on Linux and int 0x2e on Windows). This does not, in itself, reveal any information that would be useful for an attacker. Userland code just invokes the magic instruction, and some time later the execution resumes and typically a register has changed so that it now holds the return value/error code. That's it.
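The mechanism described in the comment above, as an added example that is not part of the original post: a raw `syscall` on Linux x86-64 and the complete register state userland gets back from it. The names `sc_view`, `raw_syscall1` and `sc_failed` are made up for this example, and the non-x86-64 branch is only a fallback so the file builds elsewhere.

```c
/* Added example (not from the original post): Linux raw syscall, x86-64. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Everything userland can observe once the syscall instruction returns. */
struct sc_view {
    long rax;           /* return value, or -errno in [-4095, -1] */
    unsigned long rcx;  /* clobbered: on entry the CPU saves the userland return RIP here */
    unsigned long r11;  /* clobbered: on entry the CPU saves the caller's RFLAGS here */
};

/* Issue a one-argument syscall with the bare instruction, no libc wrapper. */
static struct sc_view raw_syscall1(long nr, long a1)
{
    struct sc_view v = { nr, 0, 0 };
#if defined(__x86_64__)
    register unsigned long r11 __asm__("r11");
    __asm__ volatile("syscall"
                     : "+a"(v.rax), "=c"(v.rcx), "=r"(r11)
                     : "D"(a1)           /* first argument goes in rdi */
                     : "memory");
    v.r11 = r11;
#else   /* other CPUs: use libc and undo its -1/errno translation */
    long r = syscall(nr, a1);
    v.rax = (r == -1) ? -errno : r;
#endif
    return v;
}

/* Kernel ABI: results in [-4095, -1] are negated errno values. */
static int sc_failed(long rax) { return rax < 0 && rax >= -4095; }

int main(void)
{
    struct sc_view ok  = raw_syscall1(SYS_getpid, 0);
    struct sc_view bad = raw_syscall1(SYS_close, -1);   /* invalid fd */
    printf("getpid:    rax=%ld rcx=%#lx r11=%#lx\n", ok.rax, ok.rcx, ok.r11);
    printf("close(-1): rax=%ld failed=%d\n", bad.rax, sc_failed(bad.rax));
    return 0;
}
```

The only values that change are the result in `rax` and the two registers the instruction itself overwrites with the caller's own return address and flags.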
