Madivelopa a polojekiti ya Grsecurity tcheru pa kukhalapo kwa chiwopsezo chosavuta kugwiritsa ntchito pazigamba (Huawei Kernel Self Protection), masiku angapo apitawo kukonza chitetezo cha Linux kernel. Mkhalidwe umakumbutsa , momwe kuyesa kukonza chitetezo chadongosolo kunapangitsa kuti pakhale chiwopsezo chatsopano ndikupangitsa kuti zikhale zosavuta kusokoneza zida.
Zigamba za HKSP zidasindikizidwa ndi wogwira ntchito ku Huawei, kuphatikiza kutchulidwa kwa Huawei mu mbiri ya GitHub, ndikugwiritsa ntchito mawu akuti Huawei mu dzina la polojekiti (HKSP - Huawei Kernel Self Protection). Nthawi yomweyo, oimira a Huawei adakana kulumikizidwa kwa projekiti ya HKSP ndi kampaniyo ndipo adanena kuti codeyo idapangidwa pazomwe wogwira ntchitoyo adachita, si ntchito yovomerezeka ya Huawei ndipo sagwiritsidwa ntchito pazinthu zamakampani. Yambani HKSP retroactively zofooka komanso dziwani kuti polojekitiyi ikupangidwa mu nthawi yanga yopuma kuti ifufuze.
HKSP imaphatikizapo zosintha monga kusasintha kwa zosintha mu kachitidwe ka cred, kutetezedwa ku kuukira kwa dzina la wogwiritsa ntchito (pid namespace), kulekanitsa zochulukira kuchokera kudera la mmap, kuzindikira kuyimba kowirikiza kawiri ku ntchito ya kfree, kutsekereza kutayikira kudzera pa pseudo. -FS /proc (/proc/ {modules, keys, key-users}, /proc/sys/kernel/* ndi /proc/sys/vm/mmap_min_addr, /proc/kallsyms), kusintha kwa adiresi ya osuta, kuwonjezera Ptrace chitetezo, kupititsa patsogolo chitetezo cha smap ndi smep, kuthekera koletsa kutumiza deta kudzera pazitsulo zosaphika, kutsekereza maadiresi olakwika muzitsulo za UDP ndikuyang'ana kukhulupirika kwa njira zomwe zikuyenda. Ikuphatikizanso gawo la Ksguard kernel, lomwe cholinga chake ndi kuzindikira zoyesa kuyambitsa ma rootkits.
Zigamba Greg Kroah-Hartman, yemwe ali ndi udindo woyang'anira nthambi yokhazikika ya Linux kernel, anali wokondweretsa, ndipo adafunsa wolembayo kuti athyole chigamba cha monolithic m'magawo kuti muchepetse kuwunika ndi kukwezedwa ku kernel yayikulu. Kees Cook, mutu pa ukadaulo wachitetezo wokhazikika mu Linux kernel, nawonso adayankha pazigawozo ndipo, pakati pamavuto, adayang'ana kumangiriza kwa zomangamanga za x86 ndi mawonekedwe azidziwitso amitundu yambiri, yomwe imangolemba zambiri za vutoli, koma musayese kuletsa.
Kafukufuku wa chigamba ndi opanga Grsecurity adawulula zolakwika zambiri ndi zofooka mu code, komanso adawonetsa kusowa kwa chitsanzo choopsya chomwe chingawalole kuweruza mokwanira mphamvu za polojekitiyi. Kuwonetsa momveka bwino kuti codeyo inalembedwa popanda kugwiritsa ntchito njira zotetezeka zamapulogalamu, chitsanzo cha chiwopsezo chaching'ono mwa wothandizira chimaperekedwa.
fayilo /proc/ksguard/state, yomwe idapangidwa ndi ufulu 0777, kutanthauza kuti aliyense ali ndi mwayi wolembera. Ntchito ya ksg_state_write, yomwe imagwiritsidwa ntchito polemba malamulo olembedwa kwa / proc/ksguard/state, imapanga tmp[32] buffer yomwe deta imalembedwa kutengera kukula kwa operand yomwe yadutsa, osaganizira kukula kwa chandamale komanso popanda kuyang'ana parameter ndi kukula kwa chingwe. Iwo. Kuti mulembenso gawo la kernel stack, wowukira amangofunika kulemba mzere wopangidwa mwapadera ku /proc/ksguard/state.
static ssize_t ksg_state_write(fayilo yokhazikika *fayilo, const char __user *buf,
size_t len, loff_t *offset)
{
mtengo wa u64;
char tmp[32];
kukula_t n = 0;
ngati (copy_from_user(tmp, buf, len))
kubwerera -1;
mtengo = simple_strtoul(tmp, '\0', 10);
...
Gwiritsani ntchito chitsanzo:
char buf[4096] = {};
int fd = lotseguka("/proc/ksguard/state", O_WRONLY);
ngati (fd>= 0) {
kulemba (fd, buf, sizeof(buf));
kutseka (fd);
}
Source: opennet.ru