|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 1/3] Add support for OpenBSD
On Wednesday, 18 October 2006 at 17:39, Keir Fraser wrote: > On 18/10/06 17:34, "Anil Madhavapeddy" <anil@xxxxxxxxxxxxx> wrote: > > >> We have that already in arch/x86/Rules.mk. If that was working, I > >> doubt > >> Christoph would have gone to the trouble of hacking up the SSP goop. > >> > > > > That flag definitely works. > > > > I think Christoph wanted to get stack protection working, as all the > > other OpenBSD bits (kernel/userland) use it. There isn't much to it > > beyond adding the stack smash handler, and the stack frame format > > changes a bit... > > I don't think stack-smashing attacks are a worrying vulnerability for Xen. > We don't do much variable-sized buffer manipulation, strcpy, and so on. I'd > much rather see someone put some effort into something more likely to be > useful (albeit undoubtedly more work!) like randomised attacks on the > hypercall interfaces. I built something to do that for a course project a few months ago - basically a kernel module to pass along completely unchecked hypercalls, generated by a python script with a few hooks to filter out those that it knew Xen would catch anyway. It even managed to crash xen periodically, but I never quite finished the piece that was supposed to reproduce crashes after they happened. I guess I should clean it up and post it somewhere... _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |