Alex Ionescu
@aionescu
Windows 17035 Kernel ASLR/VA Isolation In Practice (like Linux KAISER). First screenshot shows how NtCreateFile is not mapped in the kernel region of the user CR3. Second screenshot shows how a 'shadow' kernel trap handler is (has to be). pic.twitter.com/7PriLIJHe1
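The mechanism the two screenshots show, as an added example that is not part of the original thread and not Windows code: a user-mode C model of a four-level page-table walk with two top-level tables. The kernel PML4 maps everything; the KAISER/KVA-shadow style user PML4 shares the user half verbatim and, in the kernel half, maps only the page the trap handler needs in order to switch CR3. The addresses, frame numbers and the labels "NtCreateFile" and "trampoline" are constructed placeholders, not the real Windows layout.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Toy model of x86-64 4-level paging (PML4 -> PDPT -> PD -> PT -> 4K page).
 * Non-leaf entries hold a pointer to the next table, leaf entries a page
 * frame number; bit 0 is the present flag in both. malloc's 16-byte
 * alignment keeps the low pointer bits free for the flag. */
#define ENTRIES   512
#define PRESENT   1ULL
#define PTR_MASK  (~0xFULL)

typedef struct { uint64_t e[ENTRIES]; } table_t;

static table_t *table_alloc(void) {
    table_t *t = calloc(1, sizeof *t);
    if (!t) abort();
    return t;
}

/* Index into the table at `level` (3 = PML4 ... 0 = PT) for va. */
static unsigned idx(uint64_t va, int level) {
    return (unsigned)((va >> (12 + 9 * level)) & 0x1FF);
}

/* Follow (or, if create != 0, allocate) the next-level table behind slot i. */
static table_t *next_table(table_t *t, unsigned i, int create) {
    if (!(t->e[i] & PRESENT)) {
        if (!create) return NULL;
        t->e[i] = (uint64_t)(uintptr_t)table_alloc() | PRESENT;
    }
    return (table_t *)(uintptr_t)(t->e[i] & PTR_MASK);
}

static void map_page(table_t *pml4, uint64_t va, uint64_t pfn) {
    table_t *pdpt = next_table(pml4, idx(va, 3), 1);
    table_t *pd   = next_table(pdpt, idx(va, 2), 1);
    table_t *pt   = next_table(pd,   idx(va, 1), 1);
    pt->e[idx(va, 0)] = (pfn << 12) | PRESENT;
}

/* Page walk: 1 and the frame number if va is mapped under this CR3, else 0. */
static int translate(table_t *pml4, uint64_t va, uint64_t *pfn) {
    table_t *pdpt = next_table(pml4, idx(va, 3), 0);
    if (!pdpt) return 0;
    table_t *pd = next_table(pdpt, idx(va, 2), 0);
    if (!pd) return 0;
    table_t *pt = next_table(pd, idx(va, 1), 0);
    if (!pt) return 0;
    uint64_t pte = pt->e[idx(va, 0)];
    if (!(pte & PRESENT)) return 0;
    *pfn = (pte & PTR_MASK) >> 12;
    return 1;
}

/* KAISER / KVA-shadow style user CR3: the user half of the PML4 (slots 0..255)
 * shares the kernel's lower-level tables; the kernel half starts empty and
 * only the pages the trap handler needs to switch CR3 get mapped into it,
 * through freshly allocated tables that point at the same frames. */
static table_t *build_shadow_pml4(table_t *kernel_pml4,
                                  const uint64_t *trampoline_vas, size_t n) {
    table_t *shadow = table_alloc();
    for (unsigned i = 0; i < ENTRIES / 2; i++)
        shadow->e[i] = kernel_pml4->e[i];
    for (size_t k = 0; k < n; k++) {
        uint64_t pfn;
        if (!translate(kernel_pml4, trampoline_vas[k], &pfn)) abort();
        map_page(shadow, trampoline_vas[k], pfn);
    }
    return shadow;
}

/* Constructed demo layout: placeholder addresses and frames, not real Windows ones. */
enum { USER_PAGE, NTCREATEFILE, TRAMPOLINE, NPAGES };
static const uint64_t VA[NPAGES]  = { 0x00007FFF00001000ULL,   /* user code      */
                                      0xFFFFF80000010000ULL,   /* "NtCreateFile" */
                                      0xFFFFF80000200000ULL }; /* shadow trap handler */
static const uint64_t PFN[NPAGES] = { 0x1234, 0x5678, 0x9ABC };

static table_t *g_kernel_cr3, *g_user_cr3;

static void build_demo(void) {
    if (g_kernel_cr3) return;
    g_kernel_cr3 = table_alloc();
    for (int i = 0; i < NPAGES; i++) map_page(g_kernel_cr3, VA[i], PFN[i]);
    g_user_cr3 = build_shadow_pml4(g_kernel_cr3, &VA[TRAMPOLINE], 1);
}

/* Frame that the chosen CR3 resolves page `which` to, or -1 if it is not mapped. */
static int64_t resolve(int use_user_cr3, int which) {
    uint64_t pfn;
    build_demo();
    table_t *cr3 = use_user_cr3 ? g_user_cr3 : g_kernel_cr3;
    return translate(cr3, VA[which], &pfn) ? (int64_t)pfn : -1;
}

/* 1 if the user halves of both PML4s point at the very same lower-level tables. */
static int user_half_shared(void) {
    build_demo();
    for (unsigned i = 0; i < ENTRIES / 2; i++)
        if (g_user_cr3->e[i] != g_kernel_cr3->e[i]) return 0;
    return 1;
}

int main(void) {
    static const char *name[NPAGES] = { "user page", "NtCreateFile", "trap trampoline" };
    for (int i = 0; i < NPAGES; i++)
        printf("%-16s kernel CR3 -> %lld   user CR3 -> %lld\n",
               name[i], (long long)resolve(0, i), (long long)resolve(1, i));
    return 0;
}
```

Under the user CR3 the "NtCreateFile" page walks to a missing PD entry and the user page and the trampoline resolve to the same frames as under the kernel CR3, which is the split the two screenshots show: the syscall target is absent from the user view, while the handler that performs the CR3 switch has to be present in both views or the transition could never execute.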

Aaron Friel
@AaronFriel
Nov 14
Wasn't Kaiser shown to be ineffective and with a rather large cost to syscalls?

Alex Ionescu
@aionescu
Nov 14
Source? :-)

Aaron Friel
@AaronFriel
Nov 14
Did not find the lwn article on Kaiser's inefficacy that I read, but I did find this: lwn.net/Articles/73794…

Alexander Riccio
@ariccio
Nov 14
Aaaand I got today's reading set out for me

Volodymyr Pikhur
@vpikhur
Nov 14
Surprise surprise :)

Alex Ionescu
@aionescu
Nov 14
Well, I’m sure the perf costs (especially on modern hardware with PASID/PCID) will be weighed against the security benefits, and people that care about loopback perf can turn it off in the registry. Remember this is WIP so it may never ship.

Aaron Friel
@AaronFriel
Nov 14
Reasonable. Can't imagine Microsoft will ship it if the perf hit on syscalls is ~40%.

Alex Ionescu
@aionescu
Nov 14
I could easily measure it but MS gets mad if I ruin features ahead of time. I do quite like this one though and have nothing to bitch about :)

Wikinger
@wikinger7
Nov 14
Can't wait for the OS to be 50% slower!!

Dennis Ahagon
@D2KX_
Nov 14
KAISER is shipping in one of the next Chrome OS releases on existing Chromebooks.

Aaron Friel
@AaronFriel
Nov 14
That's not the sort of workload I think Microsoft would be worried about. Browsers? Meh.
SQL Server? Would be very surprised to see Microsoft accept a perf hit there.

Alex Ionescu
@aionescu
Nov 14
Fonts are now userspace and appcontainerized. Shit is getting real/hard/real hard.

Aaron Friel
@AaronFriel
Nov 14
*joke about real mode vs protected mode*

lordx86
@_lordx86
Nov 14
I don't know, but some French security dude said a while back that CR3 is the most important register :)

Ahiezer Alvares
@MrAlvares97
Nov 14
awesome!

grsecurity
@grsecurity
Nov 14
PCID doesn't really help that much, and I don't think AMD has anything equivalent. twitter.com/grsecurity/sta… But yeah, the MS/Linux timing of the same magically appearing solution with no public involvement makes it painfully obvious there's something else influencing this choice

Roi Perez
@roiontech
Nov 15
Nice find!

Eliannuminas
@Eliannuminas
Nov 15
I thought ASLR has virtually no impact on performance?

Alex Ionescu
@aionescu
Nov 15
We’re talking about dual page tables here :)