[Ksummit-2013-discuss] [ARM ATTEND] catching up on exploit mitigations
Aaro Koskinen
aaro.koskinen at iki.fi
Tue Jul 30 19:58:34 EDT 2013
Hi,
On Tue, Jul 30, 2013 at 07:15:33PM -0400, Dave Jones wrote:
> On Wed, Jul 31, 2013 at 02:11:20AM +0300, Aaro Koskinen wrote:
> > On Tue, Jul 30, 2013 at 06:14:35PM -0400, Dave Jones wrote:
> > > On Tue, Jul 30, 2013 at 12:05:40PM -0700, Kees Cook wrote:
> > > > - fuzzing (is anyone running trinity or similar on the ARM tree?)
> > >
> > > Someone was kind enough to send me an arm chromebook, so I tried this just
> > > last week (albeit, on the 3.4 kernel it shipped with). The results make
> > > me think the answer is a resounding 'no'.
> >
> > Shouldn't you run trinity only under QEMU or similar virtual
> > environment? Don't know about chromebook, but on some of my ARM boards
> > a misbehaving kernel could at least in theory brick the board...
>
> I like to live dangerously. Don't imitate everything you see on TV,
> or read about on lkml.
Sadly I have no TV. :)
Anyway, I think it would be interesting to learn about arch-specific
bugs discovered with trinity. Quickly thinking, the results should be
mostly same regardless of the architecture since the code being tested
is generic especially when running as a regular user. But of course
there are 32/64-bit and big-endian/little-endian and such differences,
and maybe some permission bugs (likely in vendor kernels).
A.
More information about the linux-arm-kernel
mailing list