1 |
So one of the side-discussions happening after Heartbleed was the fact that |
2 |
OpenSSL has its own memory allocator code that effectively mitigates any C |
3 |
library-provided exploit mitigations (as discussed on the openbsd-misc ML at |
4 |
[1] and Ted Unangst's blogs at [2] and [3]). This is partially why there's |
5 |
so much "interesting" data to be sniffed from a server's memory via the |
6 |
heartbleed response packets -- that memory wasn't really initialized to |
7 |
random data or zero'd upon malloc(), nor garbage-collected upon free(). |
8 |
|
9 |
Taking place over on the openssl-users ML, someone from Akamai posted a new |
10 |
secure memory allocator patch[4][5] that they have been using in production |
11 |
for about a decade. That patch was cleaned up, diff'ed against |
12 |
openssl-1.0.1g, and posted to openssl-dev here: |
13 |
https://marc.info/?l=openssl-dev&m=139733477712798&q=p5 |
14 |
|
15 |
It basically provides a secure memory area protected by guard pages for |
16 |
sensitive data, like RSA private keys, so that if another Heartbleed-like |
17 |
event occurs, things won't be as bad. Hopefully... |
18 |
|
19 |
Is this something we want to look at adding to our openssl copy via an |
20 |
optional USE flag (default off)? |
21 |
|
22 |
Refs: |
23 |
1. http://marc.info/?l=openbsd-misc&m=139698608410938&w=2 |
24 |
2. http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf |
25 |
3. http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse |
26 |
4. http://marc.info/?l=openssl-users&m=139723710923076&w=2 |
27 |
5. http://marc.info/?l=openssl-users&m=139723972124003&w=2 |
28 |
|
29 |
-- |
30 |
Joshua Kinard |
31 |
Gentoo/MIPS |
32 |
kumba@g.o |
33 |
4096R/D25D95E3 2011-03-28 |
34 |
|
35 |
"The past tempts us, the present confuses us, the future frightens us. And |
36 |
our lives slip away, moment by moment, lost in that vast, terrible in-between." |
37 |
|
38 |
--Emperor Turhan, Centauri Republic |