Breaking and Protecting Linux Kernel Stack – Elena Reshetova, Intel

Breaking and Protecting Linux Kernel Stack – Elena Reshetova, Intel

Linux kernel stack has always been a popular attack target due to its simple structure and predictable deterministic operation. The upstream Linux kernel has been somewhat slow on implementing various protections against these attacks, but nonetheless it did made a number of changes that notably decreased attacker’s success chances, namely vmalloc-based stack allocation with guard pages, thread_info removal from the stack, VLAs removal, the upstream port of the STACKLEAK grsecurity feature, etc. However, are these protections enough to combat the stack-based attacks or should we do more?This talk first presents history of stack-based attacks that are applicable to the Linux kernel together with existing implemented protections. Next it presents the case for further improving security of the kernel stack using RANDOMIZE_KSTACK_OFFSET with its challenges and performance implications.

source by The Linux Foundation

linux foundation