32 lines
1.2 KiB
Markdown
32 lines
1.2 KiB
Markdown
# 02-28
|
|
Daily supervisor: Dyon
|
|
Goal: Breaking KASLR through TLB-based side channel attack
|
|
Status: Deciding on which part exactly to choose, hardware access today
|
|
Progress:
|
|
- Target: i7-8650U Kernel 6.8
|
|
- First idea: Try using CONFIG_STRICT_MODULE_RWX (D1)
|
|
- but: maybe further input needed here which one is desireable target
|
|
- strict module rwx => can leak heap (excluding cred and less reliable pipe-buffer) and page tables
|
|
- virtual heap => can leak heap (including cred) reliably
|
|
- Go with heap => cred one of the most interesting
|
|
- virtual stack => can leak kernel stack
|
|
- Forgot about research proposal, message herbert
|
|
|
|
# 02-21
|
|
Daily supervisor: Dyon
|
|
Goal: Breaking KASLR through TLB-based side channel attack
|
|
Status:
|
|
Progress:
|
|
- Contacted Aleksandar for VM access
|
|
- Learned more about prefetch sidechannel
|
|
- Only read TLB part not cache
|
|
|
|
# 02-14
|
|
Daily supervisor: idk yet? Dyon
|
|
Goal: Breaking KASLR through TLB-based side channel attack
|
|
Status: Just started middle of this week
|
|
Progress:
|
|
- Skimmed paper and read some important parts more in depth
|
|
- Intel CPU required (?)
|
|
- contact for hardware: Marković, A. (Aleksandar) <a.markovic@vu.nl>
|
|
- probably VM enough? check that
|