Date: Thu, 21 Feb 2019 15:29:39 -0800 From: Kees Cook <keescook@...omium.org> To: "Perla, Enrico" <enrico.perla@...el.com> Cc: Andy Lutomirski <luto@...capital.net>, "Reshetova, Elena" <elena.reshetova@...el.com>, Andy Lutomirski <luto@...nel.org>, Jann Horn <jannh@...gle.com>, Peter Zijlstra <peterz@...radead.org>, "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, "tglx@...utronix.de" <tglx@...utronix.de>, "mingo@...hat.com" <mingo@...hat.com>, "bp@...en8.de" <bp@...en8.de>, "tytso@....edu" <tytso@....edu> Subject: Re: [RFC PATCH] x86/entry/64: randomize kernel stack offset upon system call On Wed, Feb 20, 2019 at 2:53 PM Kees Cook <keescook@...omium.org> wrote: > BTW, the attack that inspired grsecurity's RANDKSTACK is described in > these slides (lots of steps, see slide 79): > https://www.slideshare.net/scovetta/stackjacking Sorry, as PaX Team reminded me, I misremembered this. RANDKSTACK already existed. It was STACKLEAK that was created in response to this particular attack. I still think this attack is worth understanding to see what hoops must be jumped through when dealing with stack randomization (and other defenses). -- Kees Cook
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.