Vagadziri veGrsecurity project kutarisisa kuvepo kwekusagadzikana kusinga shandiswe muchigamba seti (Huawei Kernel Self Protection), mazuva mashoma apfuura kuvandudza kuchengetedzeka kweLinux kernel. Mamiriro acho ezvinhu anoyeuchidza , umo kuedza kuvandudza kuchengetedzwa kwehurongwa kwakakonzera kubuda kwehutsva hutsva uye kwakaita kuti zvive nyore kukanganisa zvishandiso.
Iwo maHKSP mapeche akaburitswa nemushandi weHuawei, anosanganisira kutaurwa kweHuawei muGitHub mbiri, uye shandisa izwi rekuti Huawei muzita rechirongwa (HKSP - Huawei Kernel Self Protection). Panguva imwecheteyo, vamiriri veHuawei vakaramba kubatana kweprojekiti yeHKSP nekambani uye vakataura kuti kodhi yakagadziridzwa pamushandi wega wega, haisi purojekiti yeHuawei uye haishandiswe muzvigadzirwa zvekambani. On HKSP retroactively vulnerabilities zvakare cherechedza kuti purojekiti iri kugadzirwa munguva yangu yakasununguka yezvinangwa zvekutsvakurudza.
HKSP inosanganisira shanduko senge randomisation of offsets mune cred chimiro, dziviriro pakurwiswa kwemushandisi identifier namespace (pid namespace), kupatsanurwa kweiyo process stack kubva munzvimbo yemmap, kuona kufona kaviri kune kfree basa, kuvharira kuvuza kuburikidza neiyo pseudo. -FS /proc (/proc/ {modules, keys, key-users}, /proc/sys/kernel/* uye /proc/sys/vm/mmap_min_addr, /proc/kallsyms), yakagadziridzwa kero yenzvimbo yevashandisi, yakawedzera Ptrace dziviriro, kukwidziridzwa smap uye smep kuchengetedzwa, kugona kurambidza kutumira data kuburikidza neyakaomeswa masokisi, kuvharira kero dzisiridzo mumasoketi eUDP uye kutarisa kuvimbika kwekumhanya maitiro. Inosanganisirawo Ksguard kernel module, ine chinangwa chekuona kuedza kuunza chaiwo rootkits.
Zvigamba Greg Kroah-Hartman, uyo ane basa rekuchengetedza bazi rakagadzikana reLinux kernel, aifarira, uye akakumbira munyori kuti aparadze chigamba chemonolithic kuita zvikamu kurerutsa kudzokorora uye kukwidziridzwa kune iyo huru kernel. Kees Cook, mukuru pamusoro inoshanda yekudzivirira tekinoroji muLinux kernel, zvakare yakapindura kune zvigamba uye, pakati pezvinetso, yakaratidza kusungirirwa kune x86 dhizaini uye chimiro chekuzivisa chemodhi dzakawanda, iyo inongonyora ruzivo nezve dambudziko, asi usaedze kuivharira.
Kuongororwa kwechigamba nevagadziri veGrsecurity kwakaratidza zvikanganiso zvakawanda uye kushaya simba mukodhi, uye zvakare yakaratidza kusavapo kwemuitiro wekutyisidzira waizovabvumira kutonga zvakakwana kugona kweprojekiti. Kuratidza zvakajeka kuti kodhi yakanyorwa pasina kushandisa nzira dzakachengeteka dzehurongwa, muenzaniso wekusagadzikana kudiki mumubati unopihwa.
faira /proc/ksguard/state, iyo yakagadzirwa iine kodzero 0777, zvichireva kuti munhu wese ane mukana wekunyora. Iyo ksg_state_write basa, rinoshandiswa kurongedza mirairo yakanyorwa ku / proc/ksguard/state, inogadzira tmp[32] buffer iyo data inonyorerwa zvichienderana nehukuru hweiyo operand yakapfuura, pasina kurangarira saizi yechinangwa chebhafa uye pasina. kutarisa parameter nekukura kwetambo. Avo. Kunyora pamusoro pechikamu che kernel stack, munhu anorwisa anongoda kunyora mutsara wakanyatso kurongeka ku /proc/ksguard/state.
static ssize_t ksg_state_write(struct file *file, const char __user *buf,
saizi_t len, loff_t *offset)
{
u64 kukosha;
char tmp[32];
saizi_t n = 0;
kana (copy_from_user(tmp, buf, len))
return -1;
kukosha = simple_strtoul(tmp, '\0', 10);
...
Shandisa prototype:
char buf[4096] = {};
int fd = vhura("/proc/ksguard/state", O_WRONLY);
kana (fd>= 0) {
nyora (fd, buf, sizeof(buf));
kuvhara(fd);
}
Source: opennet.ru