Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 7 Nov 2015 22:50:04 -0800
From: Kees Cook <>
To: "" <>
Subject: Re: Re: Kernel Self Protection Project

On Sat, Nov 7, 2015 at 1:52 AM, Quentin Casasnovas
<> wrote:
> On 2015-11-06, Kees Cook <> wrote:
>> On Fri, Nov 6, 2015 at 8:00 AM, Quentin Casasnovas
>><> wrote:
>>>> For now, I'm going to focus on taking a look at the PAX_SIZE_OVERFLOW
>>>> gcc plugin, which will also get us the gcc plugin infrastructure.
>>>> Other people, please speak up on what you'd like to tackle.
>>> Not that it's complex but I already have a branch with the gcc plugin
>>> infrastructure split up if you're interested and you reckon that can save
>>> you some time.
>> Sure, what's the URL?
> I've pushed the three of them onto:

Excellent, thanks for putting that up. I'll take a look.

Given Emese's comments in the other thread, I may actually pass on
this as my first piece to tackle. I may wait to see the constify
plugin go in first.

> It lacks Documentation for now, but you can have a look at the branch
> quentin-fuzz-gccplugin which adds an instrumentation plugin (converted from
> the gcc patch[1] Dmitry Vyukov wrote for syzkaller[2]).

syzkaller has been producing some very interesting bugs lately!

> Adding a plugin should be simple, add its name to $(HOSTLIBS)-y, and use
> the regular kbuild system way to specify from which source files it is
> built, CFLAGS, etc.
>   $(HOSTLIBS)-y =
>   foo-objs = foo.c bar.c
> And then to have some compilations units be compiled using, they
> just need the following in their CFLAGS:
>  -fplugin=$(objtree)/path/to/
>   [1]
>   [2]
> All of this is taken from the grsecurity/PaX Team patchset.
>> I actually think that just splitting out features might be a good
>> first step all around. Most folks aren't very familiar with the
>> PaX/Grsec patches, and they, in their monolithic nature, can be hard
>> to understand. Many depend on each other, but some are separable.
> Agreed, that should be a required step before people can review.

Yeah. Does anyone want to also extract PAX_USERCOPY or
GRKERNSEC_KSTACKOVERFLOW ? No one has mentioned an interest in those


>> I'm also hoping Emese Revfy[1] might be interested in driving
>> PAX_SIZE_OVERFLOW too, which would be terrific, since she's way more
>> qualified than me to do it. /me awaits emails. :)
>> -Kees
>> [1]
> Quentin

Kees Cook
Chrome OS Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.