RE: encrypting swap conversation

[John Levon <moz@compsoc.man.ac.uk>]

On Tue, 8 Aug 2000 davej@suse.de wrote:

> On Tue, 8 Aug 2000, Copeland, Matthew wrote:
> 
> > Just a thought, everyone might want to go through the lkml archives and read
> > the recent thread on Crypto, since essentially this is entirely being
> > rehashed right here.  :)
> 
> And people seem to be forgetting the principle that a code AUDIT
> does not mean the same thing as "lets add this feature, it'll be more
> secure".
> 
> In an attempt to steer things back towards the real objective,
> a few postings to linux kernel in the last few days have been
> made regarding g++ extensions to check things like..
> 
> - calls to sleep functions before MOD_INC
> - calls to sleep functions after MOD_DEC
> - returns with error after MOD_INC should MOD_DEC
> - Variables >512 bytes
> - Unmatched spin_unlocks() after spin_lock()
> 
> If other people on the list can come up with a series of other tests,
> this could make for a good 'audit-suite'.
> 
> regards,
> 
>

Dave, you took the words right out of my mouth :)

I've only just joined this list, so I wasn't sure whether some one had
actually started one of these, but imho a "checklist" would be very
useful. It's not substitute for a proper audit by experienced hackers, but
there is a dearth of experienced hackers willing to do this :)

at the very least it would help catch things like the above, but stuff
that a gcc extension can't find

so does anyone want to start a checklist ?

john

p.s. dave how come your name is your sig ? it looks odd as above :)

p.p.s. someone suggested including an offset in the pci mmio space
functions to catch naughty drivers, as they do on mips. has anyone looked
at this ?



Kernel-audit:  discussion list for security and the linux kernel
Archive:       http://mail.nl.linux.org/kernel-audit/