Alexander Popov
Alexander Popov
Hello @thestinger , Thanks for the idea. Collecting all pieces together, we can have the following rules: ``` l += [OR(KconfigCheck('cut_attack_surface', 'clipos', 'MAGIC_SYSRQ', 'is not set'), KconfigCheck('cut_attack_surface', 'my', 'MAGIC_SYSRQ_DEFAULT_ENABLE', '0x0'))]...
Hi @wryMitts, Thanks for creating this issue! As I understand the terminology in this LKML discussion, they use: - `ret2dir` for executing exploit payload using the direct mapping, - `read2dir`...
Hmmm... Maybe we need to add something like `Userspace Data Access via direct mapping` (or linear mapping?) instead of `read2dir` to show that the `XPFO` approach provides additional security effects...
One more interesting example of graph visualization: https://www.highcharts.com/demo/highcharts/network-graph
See https://pypi.org/project/kconfiglib/
That tool would also help to filter out the kconfig options that can't be enabled for the given kernel version.
This feature is implemented as a part of the `kconfig-hardened-check` tool. With the `-g` argument, the tool generates a Kconfig fragment with the security hardening options for the selected microarchitecture....
Create a solution for automating this process: 1. Take defconfig as a basic kernel configuration. 2. Build the Linux kernel. 3. Start test system with this kernel (a hardware machine...
Similar performance testing of a group of security hardening options may give interesting results as well.
Hi @vogelfreiheit, I'm looking forward to testing your pull request.