Conversation

Daniel Micay

@DanielMicay

·

Mar 20, 2019

The Linux kernel memory protection key implementation now properly preserves state in forked child processes since Linux 5.0: https://github.com/torvalds/linux/commit/a31e184e4f69965c99c04cc5eb8a4920e0c63737… This was discovered while working on a minor security feature for my hardened malloc (https://github.com/AndroidHardening/hardened_malloc…) leveraging MPK.

github.com

GitHub - GrapheneOS/hardened_malloc: Hardened allocator designed for modern systems. It has...

Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-base...

1

2

3

Daniel Micay

@DanielMicay

·

Mar 20, 2019

In the thread where the patch was originally submitted, I brought up that it's difficult to handle the issue even now that it's fixed: https://lore.kernel.org/patchwork/patch/1003931/… It would have been nice if they'd added a no-op flag to pkey_alloc for detecting the significant change in behavior.

1

1

Daniel Micay

@DanielMicay

I implemented a workaround disabling pkey use in forked child processes (until exec), and that can now be disabled for patched kernels. However, I can't safely or efficiently detect patched kernels. I'd need to whitelist a version for each stable branch.

github.com

pkey state is now preserved on fork for Linux 5.0+ · GrapheneOS/hardened_malloc@4a000d9

This patch is going to be backported to stable kernels, so the check could be expanded to allow recent enough stable kernel branches.

3:19 PM · Mar 20, 2019·Twitter Web Client

1

Retweet

2

Likes