| 1 |
Hey all, |
| 2 |
|
| 3 |
I'm taking a graduate level Fault Tolerant Computing course. My partner |
| 4 |
and I intend on injecting single bit faults into the data and text |
| 5 |
sections of Gentoo SELinux to see if such faults can compromise system |
| 6 |
security. While it is obvious that a single bit error in some |
| 7 |
structures, such as the AVC allowed field or the selinux_enforcing, can |
| 8 |
open an SELinux system for a period of time. We want to look for less |
| 9 |
obvious holes which may be realized by a single bit flip (also called |
| 10 |
soft-errors). Our plan is to run a User-mode SELinux kernel and use the |
| 11 |
ptrace interface to inject errors in the SELinux text section and/or |
| 12 |
data section. The kernel will execute a test program as init which will |
| 13 |
attempt to violate the SELinux policy by writing to a protected file |
| 14 |
with mod=777 and then shutdown the system. Given more time we would |
| 15 |
like to violate other things than simple file permissions. |
| 16 |
|
| 17 |
We are aware that the impact of a transient single bit errors depends on |
| 18 |
how long the bit-error lasts. In the case of an bit error in the AVC it |
| 19 |
may only last a short time (when the avc entry is overwritten) or a long |
| 20 |
time. Bit errors in the text segment may last longer depending on the |
| 21 |
particulars of the OS. We are not planning to measure the time that a |
| 22 |
particular bits creates a vulnerability, we have limited time to get |
| 23 |
results and the parameter is heavily dependant on the enviroment. We |
| 24 |
will include this cavot in our report. |
| 25 |
|
| 26 |
Our project was inspired by the following papers: |
| 27 |
|
| 28 |
* "An Experimental Study of Security Vulnerabilities Caused by |
| 29 |
Errors" |
| 30 |
Jun Xu, Shuo Chen, Abigniew Kalbarczyk, Ravishankar K. Iyer |
| 31 |
|
| 32 |
* "Using Memory Errors to Attack a Virtual Machine", Sudhakar |
| 33 |
Govindavajhala, Andrew W. Appel |
| 34 |
|
| 35 |
* "Framework for Testing the Fault-Tolerance of Systems Including OS |
| 36 |
and Network Aspects", Kerstin Buchacker, Volkmar Sieh (HASE '01) |
| 37 |
|
| 38 |
If you have any comments or suggestions we would love to hear them. To |
| 39 |
save traffic on the mailing list you can add your comments to |
| 40 |
|
| 41 |
http://www.randomwalking.com/cgi-bin/kwiki/index.cgi?ECE442OutsideComments |
| 42 |
|
| 43 |
~Michael Ihde & Tom Brown |
| 44 |
|
| 45 |
-- |
| 46 |
gentoo-hardened@g.o mailing list |
Archives