...
Red Hat has agreed to make their annocheck code available which was used to test the stack clash mitigations on x86. We'll evaluate if that can be repurposed for RISC-V. If so, great, otherwise we'll do a by-hand scanner (which will probably be too fragile/ugly to release). The goal is to scan every executable and dynamic object available in a distro such as Canonical, Debian, Fedora and flag any sequences that look like they may violate the requirements for stack clash mitigation. Even the best scanners have had false positives, so we'll evaluate the output of whatever scanner tool we choose.
It is expected that this work will begin once Raphael has completed the GCC implementation.
Stakeholders/Partners
RISE:
...
| Page Properties | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Updates
...
- Project reported as priority for 1H2024.
...