Missing Security Features on ARM

Registered by Duncan McGreggor

A few generic Linux kernel security features are not currently implemented for ARM, such as SECCOMP, CONFIG_CC_STACKPROTECTOR, Address Space Layout Randomisation and /dev/mem protection.

The work carried out under this spec will investigate feasibility and implement support for these features, where appropriate.

Blueprint information

Status: Complete
Approver: Kees Cook
Priority: Medium
Drafter: Dave Martin
Direction: Needs approval
Assignee: Dave Martin
Definition: Approved
Series goal: Accepted for maverick
Implementation: Implemented
Milestone target: ubuntu-10.10-beta
Started by: Kees Cook
Completed by: Loïc Minier

Whiteboard

[asac] we need to split this up in milestones; npitre can you suggest what of the implementation steps could be delivered by alpha3 and what needs to go to beta1?
[asac] kernel works; beta milestone feels like the last milestone suitable for that. tentatively targeting the overall blueprint delivery against that milestone.

Status:
Regard as implemented for maverick.
A couple of outstanding items (SECCOMP, /dev/mem protection) will get worked on in the meantime by kees / npitre, and will be merged in maverick+1 (or before, if possible)

Work items:
[dave-martin-arm] follow up with kees to determine whether specific test implementation is needed or whether the existing tests for other architectures are sufficient: DONE
[npitre] turn off /dev/mem for ARM: DONE
[npitre] investigate CC_STACKPROTECTOR: DONE
[npitre] implement a test for CC_STACKPROTECTOR: DONE
[npitre] investigate ASLR: DONE
[npitre] implement CC_STACKPROTECTOR: DONE
[npitre] implement mmap ASLR: DONE
[npitre] implement exec ASLR: DONE
[npitre] implement brk ASLR: DONE
[npitre] implement SECCOMP: DONE
[kees] update q-r-t kernel-security test to check ARM on maverick and later: DONE
[kees] validate newly implemented features using q-r-t test suite: DONE

Removed work items:
# [dave-martin-arm] follow up with tools guys about how the GCC stack protector works for ARM
 * npitre was able to proceed and didn't require any additional information
