diff options
author | Shankho Boron Ghosh <shankhoghosh123@gmail.com> | 2020-11-18 19:55:02 +0530 |
---|---|---|
committer | Jan-Simon Moeller <jsmoeller@linuxfoundation.org> | 2020-11-23 13:15:50 +0000 |
commit | 65bd017e8b8f9a06008266de46303c88a9ac51c8 (patch) | |
tree | ce07633c0011cef0c1272b2a948856a2693b8ba7 /docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md | |
parent | 7d32dd28e9b9fa97dd43bed13fb3050eb7ff8b3d (diff) |
Revision of Architecture Guides
v1:
Introduction : Skeleton file of Build Process [WIP].
Security Blueprint : Multiple markdowns appended into single markdown.
v2:
Security Blueprint :
4_Kernel.md - Fixed Internal Link.
Annexes.md - Uniform markdown Title.
Bug-AGL: [SPEC-3633]
Signed-off-by: Shankho Boron Ghosh <shankhoghosh123@gmail.com>
Change-Id: I1ab478348a05464612d67f0e8a4570bda309022d
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/documentation/+/25586
Reviewed-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
Tested-by: Jan-Simon Moeller <jsmoeller@linuxfoundation.org>
(cherry picked from commit 9cc56459419f1225f5e9851825ad305424b3d6fb)
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/c/AGL/documentation/+/25602
Diffstat (limited to 'docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md')
-rw-r--r-- | docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md b/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md deleted file mode 100644 index 297950d..0000000 --- a/docs/2_Architecture_Guides/2.2_Security_Blueprint/4_Kernel/1.2.4.3_Consoles.md +++ /dev/null @@ -1,99 +0,0 @@ ---- -title: Consoles ---- - -# Serial - -## Disable serial console - -The serial console should be disabled to prevent an attacker from accessing this -powerful interface. - -<!-- section-config --> - -Domain | `Config` name | `Value` ------------------------- | ---------------------------- | ------- -Kernel-Consoles-Serial-1 | `CONFIG_SERIAL_8250` | `n` -Kernel-Consoles-Serial-2 | `CONFIG_SERIAL_8250_CONSOLE` | `n` -Kernel-Consoles-Serial-3 | `CONFIG_SERIAL_CORE` | `n` -Kernel-Consoles-Serial-4 | `CONFIG_SERIAL_CORE_CONSOLE` | `n` - -<!-- end-section-config --> - --------------------------------------------------------------------------------- - -## Bake-in the kernel command-line - -The kernel command-line is used to control many aspects of the booting kernel, -and is prone to tampering as they are passed in RAM with little to no reverse -validation on these parameters. To prevent this type of attack, the kernel shall -be configured to ignore commands line arguments, and use pre-configured (compile -time) options instead. - -Set the kernel command line in the `CONFIG_CMDLINE KConfig` item and then pass -no arguments from the bootloader. - -<!-- section-config --> - -Domain | `Config` name | `Value` ------------------------------ | ------------------------- | ----------------------------------- -Kernel-Consoles-CommandLine-1 | `CONFIG_CMDLINE_BOOL` | `y` -Kernel-Consoles-CommandLine-2 | `CONFIG_CMDLINE` | `"insert kernel command line here"` -Kernel-Consoles-CommandLine-3 | `CONFIG_CMDLINE_OVERRIDE` | `y` - -<!-- end-section-config --> - -It is recommended that any per-device settings (e.g: MAC addresses, serial -numbers, etc.) be stored and accessed from read-only memory (or files), and that -any such parameters be verified (signature checking) prior to their use. - --------------------------------------------------------------------------------- - -## Disable KGDB - -The Linux kernel supports KGDB over USB and console ports. These mechanisms are -controlled by the `kgdbdbgp` and `kgdboc` kernel command-line parameters. It is -important to ensure that no shipping product contains a kernel with KGDB -compiled-in. - -<!-- section-config --> - -Domain | `Config` name | `Value` ----------------------- | ------------- | ------- -Kernel-Consoles-KDBG-1 | `CONFIG_KGDB` | `n` - -<!-- end-section-config --> - --------------------------------------------------------------------------------- - -## Disable magic sysrq support - -On a few architectures, you can access a powerful debugger interface from the -keyboard. The same powerful interface can be present on the serial console -(responding to serial break) of Linux on other architectures. Disable to avoid -potentially exposing this powerful backdoor. - -<!-- section-config --> - -Domain | `Config` name | `Value` ------------------------ | -------------------- | ------- -Kernel-Consoles-SysRQ-1 | `CONFIG_MAGIC_SYSRQ` | `n` - -<!-- end-section-config --> - --------------------------------------------------------------------------------- - -## Disable support for binary formats other than ELF - -This will make possible to plug wrapper-driven binary formats into the kernel. -It enables support for binary formats other than ELF. Providing the ability to -use alternate interpreters would assist an attacker in discovering attack -vectors. - -<!-- section-config --> - -Domain | `Config` name | `Value` ------------------------------- | -------------------- | ------- -Kernel-Consoles-BinaryFormat-1 | `CONFIG_BINFMT_MISC` | `n` - -<!-- end-section-config --> |