FreeBSD Transient Memory problem?
Julian Elischer
julian at freebsd.org
Thu Sep 12 18:12:30 UTC 2013
On 9/13/13 1:49 AM, My Email wrote:
> My apologies, I have been replying too all, I hope that is the correct method.
>
> Anyway, that is very interesting information. I'd be extremely interested in information on customizing malloc and jemalloc. Let me know where to start. Thanks!
it's hard to know how to refute it because they don't explain WHAT
memory they are talking about.
there is NO OS in the world that can survive that test if they are
talking about protection from a malware kernel module.
On the other hand if they are just talking about user memory
allocation then of course we NEVER hand uncleared memory to anyone.
(even root). Ask them to tell you what memory they are talking about..
and if they want free memory in the pool to be clear then it wouldn't
take much to
add a module that zeros non vnode memory when it's handed back to the
kernel.
But for all we know they are talking about people stealing punch cards
and photographing them..
> JW
>
> On Sep 11, 2013, at 7:35 PM, John-Mark Gurney <jmg at funkthat.com> wrote:
>
>> Jonathon Wright wrote this message on Wed, Sep 11, 2013 at 14:15 -1000:
>>> I have posted this question (username-scryptkiddy) in the forums:
>>> http://forums.freebsd.org/showthread.php?t=41875
>>> but was suggested to bring it here to the mailing list for discussion.
>>>
>>> Basically, FreeBSD 8.3 (64bit) is what we use in our shop. We were
>>> inspected by a security team and they had issues with FreeBSD's memory
>>> management.
>>>
>>> Namely the transient memory and object reuse areas of FreeBSD. They claimed
>>> that FreeBSD did not have a Common Criteria (EAL1-4) evaluation completed,
>>> and therefore was vulnerable to the Transient memory problem.
>> Any system that uses malloc will have difficulties with this as most
>> versions of free will not zero out the memory... You could make
>> modifications to kernel malloc to always zero memory on free, and turn on
>> the junk feature of jemalloc and that could possibly close this issue
>> for them...
>>
>>> Our higher ups need some sort of documentation / testing that can be used
>>> to counter this, since changing Operating Systems is not something we have
>>> time / manpower to do, but might have too based on this supposed 'finding'.
>>>
>>> The post has all the details. Let me know I need to repost in this as well.
>> I know that FreeBSD 4.7 and 4.9 has been EAL3 ceritfied. I worked for
>> nCircle a number of years ago, and they got their products EAL3
>> cerified.
>>
>> Link:
>> http://www.commoncriteriaportal.org:80/files/epfiles/nCircle%20CR%20v1.0.pdf
>>
>> It is possible someone else has received certification on a newer version,
>> but I'm not aware of any at this time...
>>
>> --
>> John-Mark Gurney Voice: +1 415 225 5579
>>
>> "All that I will do, has been done, All that I have, has not."
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>
More information about the freebsd-security
mailing list