RE: [PATCH v2 0/5] Optionally randomize kernel stack offset each syscall
From: Reshetova, Elena
Date: Wed Mar 25 2020 - 08:15:20 EST

> > Also, are you sure that it isn't possible to make the syscall that
> > leaked its stack pointer never return to userspace (via ptrace or
> > SIGSTOP or something like that), and therefore never realign its
> > stack, while keeping some controlled data present on the syscall's
> > stack?

How would you reliably detect that a stack pointer has been leaked
to userspace while it has been in a syscall? Does not seem to be a trivial
task to me.

Best Regards,
Elena.