A couple of days ago, as the person responsible for a couple of systems, I got a warning about the vulnerabilities of the mechanism called "Kernel SamePage Merging". At this year's IEEE symposium a paper by Bosman et al., 2016, has been submitted describing an attack on KSM. This technique, also referred to as memory/page deduplication, seems to be vulnerable by design under certain circumstances. I guess the experts among the readers here already know, but I consider myself a non-expert and therefore I'd like to ask about the status of that kind of development in FreeBSD. I read about a project of last year's Google Summer of Code 2015 targeting KSM on FreeBSD.

In Linux, this deduplication technique has been implemented since kernel 2.6.38, and the Windows kernel has used this technique since Windows 8.1 and siblings (also Windows Server). We were strongly advised to disable those "features" in Windows clients, servers and Linux servers, if used.

Other papers describe successful attacks on memory contents and ASLR by misusing KSM. On Windows, mmap() entropy is 19 bit, on Linux usually 28 bit. And on FreeBSD (if planned/used/already implemented?)?

If you are interested I could provide links or PDFs of the papers I have already gathered about that subject (it is not much; simply google for "KSM FreeBSD" or "KSM deduplication ASLR").

Thanks in advance,

oh

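Since the advice in the mail is to switch deduplication off on Linux servers where it is in use, here is a POSIX shell audit script, added as an example and not part of the original message, that reads the control files Linux exposes for KSM under /sys/kernel/mm/ksm (the files run, pages_shared and pages_sharing come from the Linux KSM sysfs interface, not from the post) and can stop merging and unmerge already-shared pages. The directory argument exists only so the functions can be exercised against a constructed copy of those files; the default is the real sysfs path.

```shell
#!/bin/sh
# Audit, and optionally disable, Linux Kernel Samepage Merging (KSM) through
# its sysfs interface. Every function takes an optional directory so that it
# can be run against a constructed stand-in for /sys/kernel/mm/ksm.

# ksm_status DIR -> prints: absent | off | running | unmerging | unknown(N)
ksm_status() {
    dir=${1:-/sys/kernel/mm/ksm}
    if [ ! -r "$dir/run" ]; then
        echo absent            # kernel built without CONFIG_KSM, or no sysfs
        return 0
    fi
    run=$(cat "$dir/run")
    case "$run" in
        0) echo off ;;         # scanner stopped, merged pages stay merged
        1) echo running ;;     # ksmd is scanning and merging
        2) echo unmerging ;;   # stop scanning and unmerge all merged pages
        *) echo "unknown($run)" ;;
    esac
}

# ksm_merged_pages DIR -> number of pages currently backed by a shared page
# (pages_sharing); 0 when the file is missing.
ksm_merged_pages() {
    dir=${1:-/sys/kernel/mm/ksm}
    [ -r "$dir/pages_sharing" ] || { echo 0; return 0; }
    cat "$dir/pages_sharing"
}

# ksm_disable DIR -> write 2 (stop and unmerge everything), then 0 so the
# reported state is a plain "off". Returns 1 if the file is not writable
# (typically: not root).
ksm_disable() {
    dir=${1:-/sys/kernel/mm/ksm}
    [ -w "$dir/run" ] || return 1
    echo 2 > "$dir/run"
    echo 0 > "$dir/run"
}

# ksm_report DIR -> human-readable summary; warns while dedup is active or
# merged pages are still present (a stopped scanner does not unmerge by itself).
ksm_report() {
    dir=${1:-/sys/kernel/mm/ksm}
    status=$(ksm_status "$dir")
    echo "KSM: $status"
    [ "$status" = absent ] && return 0
    merged=$(ksm_merged_pages "$dir")
    echo "pages_shared  (distinct shared pages):        $(cat "$dir/pages_shared")"
    echo "pages_sharing (pages backed by a shared page): $merged"
    if [ "$status" = running ] || [ "$merged" -gt 0 ]; then
        echo "WARNING: page deduplication is active or merged pages remain"
    fi
}

# Usage: ./ksm_audit.sh [--disable]   (KSM_DIR overrides the sysfs path)
ksm_report "${KSM_DIR:-/sys/kernel/mm/ksm}"
if [ "$1" = --disable ]; then
    ksm_disable "${KSM_DIR:-/sys/kernel/mm/ksm}" || echo "cannot write run file (need root?)"
    ksm_report "${KSM_DIR:-/sys/kernel/mm/ksm}"
fi
```

Writing 0 alone only stops the scanner; pages that were already merged stay shared until something writes 2, which is why the disable path writes 2 first. On RHEL-family KVM hosts the ksm and ksmtuned services turn merging back on at boot, so the sysfs write is not persistent there unless those services are disabled as well. For the Windows side the mail mentions, the equivalent switch is the MMAgent module's Disable-MMAgent -PageCombining (PowerShell), which is not covered by this script.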