On Saturday April 7 2007 00:35, Rogelio Serrano wrote: > Is it possible to add stack protection to the kernel itself?
Yes and no. Yes, the kernel can be built with -fstack-protector-all, but getting it to actually offer protection is another story (currently does not protect i386). Originally the linux-kernel-ssp patch was ported from OpenBSD's SSP kernel patch, but in Linux it had no effect. It is in the mainline kernel (since 2.6.19) for x86_64, but this Linux patch was not ported/based from the OpenBSD patch, and I assume it was accepted in the official kernel source because it works. It could most likely be ported from x86_64 to x86_32. Kernel debugging options also work nice too. robert
pgpRrekrWREyE.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
