Linux 4.19 Will Fend Off Stack Attacks With STACKLEAK Plugin
Written by Michael Larabel in Linux Kernel on 14 August 2018 at 04:56 AM EDT. 1 Comment
LINUX KERNEL --
As expected, Linux 4.19 is getting STACKLEAK as a GCC plug-in for the Linux kernel that will fend off various form of stack attacks.

STACKLEAK is ported from the last open-source code of the GrSecurity/PaX modified kernel and wipes out the kernel stack before returning from system calls.

Among the benefits of STACKLEAK as explained by Google's Kees Cook:
This creates a defense against several classes of flaws:

- uninitialized stack usage (while we continue to work on improving the compiler to do this in other ways: e.g. unconditional zero init was proposed to gcc and clang, and more plugin work has started too)

- stack content exposure (by greatly reducing the lifetime of valid stack contents, exposures via either direct read bugs or unknown cache side-channels become much more difficult to exploit. This complements the existing buddy and heap poisoning options, but provides the coverage for stacks)

- stack exhaustion/guard-page skipping (while we continue to work to remove all VLAs in the kernel: of the ~115 cases found in v4.16, after the v4.19 merge window we should be down to about 13 remaining, most of them in crypto code, all of which have patches under review)

STACKLEAK is being added to the mainline Linux kernel via the gcc-plugins updates.
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Related Linux Kernel News
Popular News This Week