Re: lmbench for LSM coverage

From: Crispin Cowan (crispinat_private)
Date: Wed Oct 31 2001 - 09:38:50 PST


    Trent Jaeger wrote:
    
    >We have been working on tools for verifying the placement of LSM hooks
    >(that I spoke of at the USENIX Security BoF, and will be reporting on
    >shortly), and we found that less than 20% of the LSM security hooks are
    >actually invoked by lmbench.  Therefore, lmbench is not a suitable
    >benchmark for hook placement verification (i.e., do the hooks protect the
    >dangerous operations in the kernel properly).
    >
    I agree: lmbench is not suitable for hook placement verification.  Its 
    goals are different.  LMBench seeks to measure the relative performance 
    of operating systems and hardware. To that end, lmbench concentrates on 
    the "fast path" (commonly used) features of the OS.
    
    Security is a completely different sort of problem, where you need to 
    get anal about corner cases.  So it seems pretty likely to me that 
    lmbench would have relatively light coverage of LSM hooks. But thanks 
    for the data.
    
    >We also tried the SAINT
    >vulnerability checking tool and found only a slightly greater coverage.
    >
    This also doesn't surprise me much, as SAINT is just probing for 
    commonly known vulnerabilities in applications. It also is not going to 
    push the kernel's corner cases.
    
    >For the time being we have pushed the coverage benchmark problem on the
    >stack.  If any of you have any ideas, we would appreciate them.
    >
    That's unfortunate.  My main "idea" is that we need a new tool for this 
    :-)  Such a tool might start with something like lmbench as a basis, but 
    would need to be substantially enhanced to be useful. However, it might 
    be easier to catch most of the corner cases with a kernel compatibility 
    test coverage tool, such as the Open Group's LSB-VSX tool
    http://www.opengroup.org/testing/lsb-test/lsb-vsx.html
    
    Crispin
    
    -- 
    Crispin Cowan, Ph.D.
    Chief Scientist, WireX Communications, Inc. http://wirex.com
    Security Hardened Linux Distribution:       http://immunix.org
    Available for purchase: http://wirex.com/Products/Immunix/purchase.html
    
    
    
    _______________________________________________
    linux-security-module mailing list
    linux-security-moduleat_private
    http://mail.wirex.com/mailman/listinfo/linux-security-module
    



    This archive was generated by hypermail 2b30 : Wed Oct 31 2001 - 09:40:41 PST