Kees Cook Introduces New Patches to Improve Linux Kernel Stack Security


Kees Cook, former chief sysadmin of kernel.org and leader of the Ubuntu security team, who now works at Google on securing Android and ChromeOS, has released a set of patches that randomize kernel stack offsets when handling system calls. The patches improve kernel security by changing the stack location, which makes stack attacks much harder and less successful.

The original idea for this patch belongs to the PaX RANDKSTACK project. In 2019, Elena Reshetova, an engineer at Intel, tried to create an implementation of this idea suitable for inclusion in the mainline Linux kernel.

The initiative was then taken up by Kees Cook, who presented an implementation suitable for the mainline kernel; his patches are planned for version 5.13 of Linux.

The mode will be disabled by default. To enable it, the kernel command line parameter "randomize_kstack_offset=on/off" and the CONFIG_RANDOMIZE_KSTACK_OFFSET_DEFAULT setting are provided. The overhead of enabling the mode is estimated at a performance loss of about 1%.

The essence of the proposed protection is to choose a random stack offset on each system call. This makes it harder to determine the stack layout in memory even if address information has been obtained, because the base address of the stack will change on the next call.

Unlike the PaX RANDKSTACK implementation, in the patches proposed for inclusion in the kernel the randomization is not done at the initial stage, but after the pt_regs structure has been set up. This makes it difficult to use ptrace-based methods to determine the random offset during a long-running system call.

As Linux kernel stack protections have been steadily improved (vmap-based stack allocation with guard pages, removal of thread_info, STACKLEAK), attackers have had to find new ways for their exploits to work.

They have, and they continue to rely on kernel stack determinism, in situations where VMAP_STACK and THREAD_INFO_IN_TASK_STRUCT were not relevant. For example, the following recent attacks would have been hampered if the stack offset were not deterministic between system calls

The purpose of the randomize_kstack_offset feature is to add a random offset after pt_regs has been pushed onto the stack and before the rest of the thread stack is used during system call processing, and to change it every time a process issues a system call. The source of randomness is currently defined by the architecture (x86 uses the low byte of rdtsc()).

Future enhancements with different entropy sources are possible, but are outside the scope of this patch. Also, to add more unpredictability, new offsets are chosen at the end of system calls (the timing of which should be less easy to measure from user space than the time of system call entry) and are stored in a per-CPU variable, so that the lifetime of the value does not stay explicitly tied to a single task.

There are no visible changes for this on x86, because the stack protector is already unconditionally disabled for the compilation unit, but the change is required on arm64. Unfortunately, there is no attribute that can be used to disable the stack protector for specific functions. Comparison with the PaX RANDKSTACK feature: the RANDKSTACK feature randomizes the location of the start of the stack (cpu_current_top_of_stack), that is, it includes the location of the pt_regs structure on the stack.

Initially, this patch followed the same approach, but during recent discussions it was determined to be of little value: if ptrace functionality is available to an attacker, they can use PTRACE_PEEKUSR to read/write different offsets in the pt_regs structure, observe the cache behavior of the pt_regs accesses, and figure out the random stack offset.
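The two placements compared above, as a userspace model added here for illustration (it is not code from the kernel patches or from PaX). The stack size, pt_regs size, offset mask, XOR mixing step and entropy bytes are assumptions or constructed values; the entropy byte stands in for the low byte of rdtsc() mentioned for x86.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model only: sizes, mask and mixing are assumptions, not kernel values. */
#define KSTACK_SIZE  16384u  /* modelled kernel stack size */
#define PT_REGS_SIZE 168u    /* modelled size of the saved-register frame */
#define OFFSET_MASK  0xF0u   /* bounds the offset and keeps it 16-byte aligned */

struct layout { size_t pt_regs_at; size_t handler_at; };
static uint32_t percpu_offset;  /* stands in for the per-CPU variable */

/* Placement described for the mainline patches: pt_regs first, offset after it. */
struct layout syscall_offset_after_regs(uint8_t exit_entropy)
{
    size_t sp = KSTACK_SIZE;
    struct layout l;
    sp -= PT_REGS_SIZE;                 /* pt_regs lands at the same place every call */
    l.pt_regs_at = sp;
    sp -= percpu_offset & OFFSET_MASK;  /* random gap below pt_regs */
    l.handler_at = sp;                  /* the handler's frames start here */
    percpu_offset ^= exit_entropy;      /* next offset is chosen at syscall exit */
    return l;
}

/* RANDKSTACK-style placement as the page describes it: the stack top itself moves. */
struct layout syscall_offset_before_regs(uint8_t exit_entropy)
{
    size_t sp = KSTACK_SIZE - (percpu_offset & OFFSET_MASK);
    struct layout l;
    sp -= PT_REGS_SIZE;                 /* pt_regs moves together with the offset */
    l.pt_regs_at = sp;
    l.handler_at = sp;
    percpu_offset ^= exit_entropy;
    return l;
}

int main(void)
{
    const uint8_t samples[] = { 0x3c, 0xa1, 0x57 };  /* constructed entropy bytes */
    struct layout (*scheme[])(uint8_t) = { syscall_offset_after_regs, syscall_offset_before_regs };
    for (size_t s = 0; s < 2; s++) {
        percpu_offset = 0;
        for (size_t i = 0; i < sizeof samples; i++) {
            struct layout l = scheme[s](samples[i]);
            printf("scheme %zu: pt_regs@%zu handler@%zu\n", s, l.pt_regs_at, l.handler_at);
        }
    }
    return 0;
}
```

In the first scheme the pt_regs position is identical on every call while the handler's frame moves, so observing pt_regs reveals nothing about the offset; in the second, the pt_regs position itself carries the offset.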

Finally, it is noted that the initial implementation supports ARM64 and x86/x86_64 processors.

