Racing against the clock -- hitting a tiny kernel race window
March 24, 2022, 8:51 p.m. | noreply@blogger.com (Ryan)
Project Zero googleprojectzero.blogspot.com
TL;DR:
How to make a tiny kernel race window really large even on kernels without CONFIG_PREEMPT:
- use a cache miss to widen the race window a little bit
- make a timerfd expire in that window (which will run in an interrupt handler - in other words, in hardirq context)
- make sure that the wakeup triggered by the timerfd has to churn through 50000 waitqueue items created by epoll
Racing one thread against a timer also avoids accumulating timing variations from …