STACKLEAK: A Long Way to the Linux Kernel Mainline - Alexander Popov, Positive Technologies

STACKLEAK is a Linux kernel security feature initially created by Grsecurity/PaX developers. In May of 2017 Alexander Popov took on the task of introducing STACKLEAK into the Linux kernel mainline. The way to the mainline turned out to be long and complicated.

In this talk Alexander will describe the inner workings of this security feature and why the vanilla kernel needs it. In fact, STACKLEAK mitigates several types of attacks against the Linux kernel due to: - reducing the information that can be revealed through kernel stack leak bugs; - blocking some uninitialized stack variable attacks; - blocking kernel stack depth overflow caused by alloca (aka Stack Clash attack).

Alexander will also show the timeline of his work and share some lessons he learned from it.

About Alexander Popov Alexander Popov is a security researcher at Positive Technologies where he is having a lot of fun with the Linux kernel vulnerabilities, exploitation techniques and defensive technologies. Alexander is a Linux kernel developer since 2012.