Vagadziri veGrsecurity project
Iwo maHKSP mapeche akaburitswa nemushandi weHuawei, anosanganisira kutaurwa kweHuawei muGitHub mbiri, uye shandisa izwi rekuti Huawei muzita rechirongwa (HKSP - Huawei Kernel Self Protection). Panguva imwecheteyo, vamiriri veHuawei vakaramba kubatana kweprojekiti yeHKSP nekambani uye vakataura kuti kodhi yakagadziridzwa pamushandi wega wega, haisi purojekiti yeHuawei uye haishandiswe muzvigadzirwa zvekambani. On
HKSP inosanganisira shanduko senge randomisation of offsets mune cred chimiro, dziviriro pakurwiswa kwemushandisi identifier namespace (pid namespace), kupatsanurwa kweiyo process stack kubva munzvimbo yemmap, kuona kufona kaviri kune kfree basa, kuvharira kuvuza kuburikidza neiyo pseudo. -FS /proc (/proc/ {modules, keys, key-users}, /proc/sys/kernel/* uye /proc/sys/vm/mmap_min_addr, /proc/kallsyms), yakagadziridzwa kero yenzvimbo yevashandisi, yakawedzera Ptrace dziviriro, kukwidziridzwa smap uye smep kuchengetedzwa, kugona kurambidza kutumira data kuburikidza neyakaomeswa masokisi, kuvharira kero dzisiridzo mumasoketi eUDP uye kutarisa kuvimbika kwekumhanya maitiro. Inosanganisirawo Ksguard kernel module, ine chinangwa chekuona kuedza kuunza chaiwo rootkits.
Zvigamba
Kuongororwa kwechigamba nevagadziri veGrsecurity kwakaratidza zvikanganiso zvakawanda uye kushaya simba mukodhi, uye zvakare yakaratidza kusavapo kwemuitiro wekutyisidzira waizovabvumira kutonga zvakakwana kugona kweprojekiti. Kuratidza zvakajeka kuti kodhi yakanyorwa pasina kushandisa nzira dzakachengeteka dzehurongwa, muenzaniso wekusagadzikana kudiki mumubati unopihwa.
faira /proc/ksguard/state, iyo yakagadzirwa iine kodzero 0777, zvichireva kuti munhu wese ane mukana wekunyora. Iyo ksg_state_write basa, rinoshandiswa kurongedza mirairo yakanyorwa ku / proc/ksguard/state, inogadzira tmp[32] buffer iyo data inonyorerwa zvichienderana nehukuru hweiyo operand yakapfuura, pasina kurangarira saizi yechinangwa chebhafa uye pasina. kutarisa parameter nekukura kwetambo. Avo. Kunyora pamusoro pechikamu che kernel stack, munhu anorwisa anongoda kunyora mutsara wakanyatso kurongeka ku /proc/ksguard/state.
static ssize_t ksg_state_write(struct file *file, const char __user *buf,
saizi_t len, loff_t *offset)
{
u64 kukosha;
char tmp[32];
saizi_t n = 0;
kana (copy_from_user(tmp, buf, len))
return -1;
kukosha = simple_strtoul(tmp, '\0', 10);
...
Shandisa prototype:
char buf[4096] = {};
int fd = vhura("/proc/ksguard/state", O_WRONLY);
kana (fd>= 0) {
nyora (fd, buf, sizeof(buf));
kuvhara(fd);
}
Source: opennet.ru