Skip to content
Snippets Groups Projects
Select Git revision
  • 10e9ae9fabaf96c8e5227c1cd4827d58b3aa406d
  • vme-testing default
  • ci-test
  • master
  • remoteproc
  • am625-sk-ov5640
  • pcal6534-upstreaming
  • lps22df-upstreaming
  • msc-upstreaming
  • imx8mp
  • iio/noa1305
  • vme-next
  • vme-next-4.14-rc4
  • v4.14-rc4
  • v4.14-rc3
  • v4.14-rc2
  • v4.14-rc1
  • v4.13
  • vme-next-4.13-rc7
  • v4.13-rc7
  • v4.13-rc6
  • v4.13-rc5
  • v4.13-rc4
  • v4.13-rc3
  • v4.13-rc2
  • v4.13-rc1
  • v4.12
  • v4.12-rc7
  • v4.12-rc6
  • v4.12-rc5
  • v4.12-rc4
  • v4.12-rc3
32 results

scripts

  • Clone with SSH
  • Clone with HTTPS
    • user avatar
    gcc-plugins: Add STACKLEAK plugin for tracking the kernel stack
    Alexander Popov authored and Kees Cook committed 
    The STACKLEAK feature erases the kernel stack before returning from
syscalls. That reduces the information which kernel stack leak bugs can
reveal and blocks some uninitialized stack variable attacks.

This commit introduces the STACKLEAK gcc plugin. It is needed for
tracking the lowest border of the kernel stack, which is important
for the code erasing the used part of the kernel stack at the end
of syscalls (comes in a separate commit).

The STACKLEAK feature is ported from grsecurity/PaX. More information at:
  https://grsecurity.net/
  https://pax.grsecurity.net/



This code is modified from Brad Spengler/PaX Team's code in the last
public patch of grsecurity/PaX based on our understanding of the code.
Changes or omissions from the original code are ours and don't reflect
the original grsecurity/PaX code.

Signed-off-by: default avatarAlexander Popov <alex.popov@linux.com>
Tested-by: default avatarLaura Abbott <labbott@redhat.com>
Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    10e9ae9f
    History
    user avatar 10e9ae9f
    History
    Name Last commit Last update
    ..