Weakly virtualized memory management scheme

Zenaan Harkness zen at freedbms.net
Thu Mar 7 02:54:53 PST 2019


[3 times read this as "weekly virtualized memory management scheme".
 Head scratcher that one...]

On Wed, Mar 06, 2019 at 03:22:10PM -0800, Ryan Carboni wrote:
> This is a simple suggestion for a weakly virtualized memory management
> scheme.
> 
> Heap allocation for arrays that change in size uses a variable width block
> to choose the position of the memory page that the object is allocated to.
> 
> Vtables could be nested to reduce risk of ASLR defeat.
> 
> This is vulnerable to fragmentation for obvious reasons, so it should be
> limited to objects that are either multiple pages in size or are being
> modified in size by untrusted code.
> 
> This would add some factorial complexity over that of ASLR.


"Security" here I guess is domain isolation - Linux and
$typical_desktop_os have relatively poor domain isolation.

Marginal-improvement randomization schemes are at best temporary
marginal improvement, perceived as low hanging fruit, and often
adding longer term [runtime | code maintenance | etc] overhead
without any real breakthrough.

Microkernels, perhaps in the guise of a VMM/hypervisor with primary
responsibility for the important bits of your computer.

Then one must isolate tasks, so the MSO/LibreOffice jpeg trampoline
macro won't give access to the internet, or the latest browser PDF
viewer vuln won't give access to all memory, etc.

Isolation.

Isolation of activities, and the resources those activities require
use of to operate "normally".

This also requires hardware that is at least capable of providing the
required isolation(s).

[function | syscall | resource | device/hw ] attack surface


Good luck,