mirror of
https://github.com/RGBCube/serenity
synced 2025-07-25 21:47:46 +00:00
Base: Mitigations(7) add -fzero-call-used-regs and Process Protection
Update the man page to describe more mitigations that we have applied.
parent
5e87c798d2
commit
c95ac83367
1 changed files with 34 additions and 0 deletions
|
@ -237,6 +237,40 @@ Date: Fri Jan 1 15:27:42 2021 -0800
|
|||
|
||||
Build + LibC: Enable -fstack-protector-strong in user space
|
||||
```
|
||||
### Protected Kernel Process Data
|
||||
|
||||
The kernel applies a exploit mitigation technique where vulnerable data
|
||||
related to the state of a process is separated out into it's own region
|
||||
in memory which is always remmaped as read-only after it's initialized
|
||||
or updated. This means that an attacker needs more than an arbitrary
|
||||
kernel write primitive to be able to elevate a process to root for example.
|
||||
|
||||
It was first enabled in the following [commit](https://github.com/SerenityOS/serenity/commit/cbcf891040e9921ff628fdda668c9738f358a178):
|
||||
```
|
||||
commit cbcf891040e9921ff628fdda668c9738f358a178
|
||||
Author: Andreas Kling <kling@serenityos.org>
|
||||
Date: Wed Mar 10 19:59:46 2021 +0100
|
||||
|
||||
Kernel: Move select Process members into protected memory
|
||||
```
|
||||
|
||||
### -fzero-call-used-regs
|
||||
|
||||
GCC-11 added a new option `-fzero-call-used-regs` which causes the
|
||||
compiler to zero function arguments before return of a function. The
|
||||
goal being to reduce the possible attack surface by disarming ROP
|
||||
gadgets that might be potentially useful to attackers, and reducing
|
||||
the risk of information leaks via stale register data.
|
||||
|
||||
It was first enabled when compiling the Kernel in the following [commit](https://github.com/SerenityOS/serenity/commit/204d5ff8f86547a8b100cf26a958aaabf49211f2):
|
||||
|
||||
```
|
||||
commit 204d5ff8f86547a8b100cf26a958aaabf49211f2
|
||||
Author: Brian Gianforcaro <bgianf@serenityos.org>
|
||||
Date: Fri Jul 23 00:42:54 2021 -0700
|
||||
|
||||
Kernel: Reduce useful ROP gadgets by zeroing used function registers
|
||||
```
|
||||
|
||||
## See also
|
||||
|
||||
|
|
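Review bot: In the `-fzero-call-used-regs` section, "zero function arguments before return of a function" misdescribes the option: it zeroes call-used (caller-saved) registers at function return, which is also what the quoted commit title says ("zeroing used function registers"). Suggest "causes the compiler to zero call-used registers before a function returns". The option takes a mode argument, so the section would be more useful if it named the value the Kernel is built with. Smaller wording fixes: in the Protected Kernel Process Data paragraph, "a exploit" should be "an exploit", "into it's own region" should be "into its own region", and "remmaped" should be "remapped"; in the new section, "The goal being to reduce" is a sentence fragment and reads better as "The goal is to reduce".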