惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
Cyberwarzone
Cyberwarzone
The GitHub Blog
The GitHub Blog
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
小众软件
小众软件
Recent Announcements
Recent Announcements
博客园 - 三生石上(FineUI控件)
Security Archives - TechRepublic
Security Archives - TechRepublic
W
WeLiveSecurity
Cloudbric
Cloudbric
博客园 - 司徒正美
美团技术团队
N
News and Events Feed by Topic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
PCI Perspectives
PCI Perspectives
宝玉的分享
宝玉的分享
H
Help Net Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Google DeepMind News
Google DeepMind News
Help Net Security
Help Net Security
Last Week in AI
Last Week in AI
S
Schneier on Security
N
News | PayPal Newsroom
B
Blog RSS Feed
L
LINUX DO - 最新话题
T
Troy Hunt's Blog
S
Secure Thoughts
雷峰网
雷峰网
aimingoo的专栏
aimingoo的专栏
L
Lohrmann on Cybersecurity
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
T
Tenable Blog
S
Securelist
L
LangChain Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
I
InfoQ
H
Heimdal Security Blog
Cisco Talos Blog
Cisco Talos Blog
F
Full Disclosure
Y
Y Combinator Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
K
Kaspersky official blog
T
Tailwind CSS Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
阮一峰的网络日志
阮一峰的网络日志
C
Cisco Blogs

LWN.net comments

tcmalloc's weird hack [LWN.net] Fixed? [LWN.net] mpd [LWN.net] Userspace AX.25 [LWN.net] RIP [LWN.net] My two cents... [LWN.net] pipx [LWN.net] Tragedy [LWN.net] A young man destined for glory [LWN.net] And 'less' won't let you search [LWN.net] A great loss [LWN.net] Sad and shocking news [LWN.net] Easy migration from Clementine [LWN.net] Sad coincidence [LWN.net] GNOME is actually usable thanks to Seth et al [LWN.net] Sad news :( [LWN.net] armhf supports preempt_rt [LWN.net] MusicBrainz accurracy [LWN.net] On open source maintainership [LWN.net] Let's stop here [LWN.net] Not a new thing [LWN.net] uv is indeed great pgmoneta Some comments on this on a Postgres blog feed [LWN.net] uv [LWN.net] going to Debian [LWN.net] Upgrading 64-bit-capable systems to 64-bit kernels? [LWN.net] Free Software foundations Maintainers can wait for code review but not for publish review? A reasonably extreme point of view [LWN.net] Maintaining old code Varieties of filesystems and schedulers, so why not for IPC mechanisms too? [LWN.net] AI and documentation [LWN.net] Delegating the work to a subsidiary [LWN.net] Maybe they should provide their reviews to the world [LWN.net] Something can be a bug but not a vulnerability [LWN.net] History is a little backwards ... [LWN.net] A reasonably extreme point of view [LWN.net] Let’s stop here [LWN.net] authd [LWN.net] Suggestion for bug report [LWN.net] Software pain points for long-term equipment [LWN.net] Wrong direction [LWN.net] mjg59 has lost the plot there [LWN.net] Role of German law in this? [LWN.net] Without beer? [LWN.net] Feels soul destroying [LWN.net] No zswap in Debian cloud kernel [LWN.net] No Beer?!? [LWN.net] The other fam [LWN.net] Thank you Andrew [LWN.net] Brave! [LWN.net] I second the cost factor [LWN.net] cassandra [LWN.net] Proprietary tools [LWN.net] familiar [LWN.net] ... is also staging. [LWN.net] Python package managers [LWN.net] Pour one out for AX.25... [LWN.net] tun/tap? [LWN.net] Another article at gnulinux.ch [LWN.net] Transitive checks [LWN.net] Just execute from stdin [LWN.net] Cross-compile Vacation [LWN.net] Concrete steps toward RFC 3550 (new Range types) You can rip with Windows apps too! Have the tempfile issues raised in the release notes been fixed? onlyoffice tried to add stuff in the fine print, and failed Work w/o publication is not science Removing art like offensive fortunes is a mistake. [LWN.net] De-googling (was Wtf) [LWN.net] I liked pdfmark [LWN.net] Juice then tag [LWN.net] why did PREEMPT_LAZY caused more preemptions than PREEMPT_NONE with THP disabled? [LWN.net] x86-64 was first introduced in 2003 [LWN.net] no memory safety? [LWN.net] False positive identification rate [LWN.net] "Defensive" AI use [LWN.net] LTS release? [LWN.net] ironic (ugly, good) [LWN.net] Moving away from LLVM [LWN.net] ironic (ugly, good) [LWN.net] Abandoning vim(1) ASAP [LWN.net] "Picard" naming [LWN.net] circular reasoning is a potential source of unsoundness [LWN.net] Nice to see an update [LWN.net] Writable THPs [LWN.net] Whole network messages [LWN.net] I'll fix my code ... [LWN.net] Can also recommend beets [LWN.net] Jack the CD ripper [LWN.net] How about the bad CDs? [LWN.net] systemd-boot [LWN.net] Significant raise of reports [LWN.net] IMO, it's appropriate [LWN.net] How about the bad CDs? [LWN.net] Update to include Part 4? [LWN.net] Pandoc also is invauable for a cheap-and-dirty retrieval augmented generation. [LWN.net] Whole network messages [LWN.net]
Foods for thought... [LWN.net]
Lionel_Debro · 2026-06-26 · via LWN.net comments

On the one side, mainline has an old long-term plan of removing GCC plugins, to be replaced either by native compiler features, or LLVM/Clang plugins. Both solutions effectively leave many Linux users unprotected, because pretty few Linux distros build the kernel with Clang, or because it will take years until the compiler features which aren't implemented yet reach multiple important distros, let alone the Enterprise (TM) ones. ISTR that Google builds Android with Clang, so LLVM/Clang plugins could help protect that large contingent of users of _future_ versions, but not billions of users of past versions (without backports, that is, but aren't most older versions unlikely to receive them ?).

On the other side, PaX/grsecurity doubles down on GCC plugins, because, despite the relative maintenance headache that they arguably cause (PaXTeam, spender, minipli, Emese Revfy, and/or whoever else has maintained them and maintains them nowadays seem to manage to cope with it), they have always represented a pragmatic solution for protecting users yesterday, today and tomorrow, against both old and new threats. I remember reading that GCC plugins ease maintenance of PaX/grsecurity, by replacing manual changes, and thereby free up more time for designing new defenses, too.
The 2017-2021 grsecurity patches published under the GPLv2 show that:
* AUTOSLAB (per-call-site slab partitioning, which, in my understanding, would be superior to type-based slab partitioning mentioned in this article);
* CONSTIFY (opt-out constification of statically allocated objects, e.g. ops structs);
* LATENT_ENTROPY;
* RAP (three-way forward edge deterministic + backward edge deterministic + backward edge probabilistic CFI, which makes it far superior to hardware implementations such as Intel CET - the grsecurity blog details how);
* RESPECTRE (automated patching for against speculative access issues, instead of manual patching for a handful of sites);
* SIZE_OVERFLOW (integer overflow prevention)
and several others have been implemented for years as GCC plugins, with extensive backwards compatibility to older GCC versions. Not to mention that they pioneered RANDSTRUCT that way, too, well over a decade ago.

Another topic: aren't layout randomizations, be them for address space (KASLR, FG-KASLR, etc.) or structs (mentioned in this article), and the associated complexity and boot-time slowdown, high cost and relatively low payout, when there's lower-hanging fruit, such as a mainline Linux kernel missing MODHARDEN-type functionality ?
There are already occurrences of "MODHARDEN", which locks down unprivileged module auto-loading, in grsec patches from 2011. I saw several weeks ago that in the 2021 grsecurity patches, the hunks containing MODHARDEN represent ~100 (not a typo) raw lines of patch.
Unprivileged module auto-loading for uncommon network protocols or filesystems, whose implementations are full of vulnerabilities, has been spotlit in the recent string of LPE exploits: Copy Fail, the Dirty Frag family, etc. Denying unprivileged users the ability to trigger auto-loading of a vulnerable module breaks exploits which depend on that non-default-loaded module being auto-loaded. Then, PaX/grsecurity typically further break the recent exploits by taking extra measures to disable io_uring and by at least shunning unprivileged user namespaces, both of which have consistently shown themselves on the vulnerability feeds over the years, and were also used in the implementation of some of the recent exploits, but that's another matter.
By now, since over 15 years ago, MODHARDEN alone has made it impossible for unprivileged users to exploit dozens, if not hundreds of vulnerabilities in the Linux kernel.