lol, grsecurity went fully closed, probably in an attempt to stop the Kernel Self Protection Project from making it obsolete
It is in 4.8.17, and 4.7.10, and 4.6.5 (July last year), you're really up for complaining about whatever right?
christ this whole thing is dumb. here’s a challenge: give me a kernel binary. not the secret jewels, just a binary, but it has to have[..]
[..]all the protections of the commercial version enabled. and i will break it, if only to take out my annoyance.
you can compile a kernel so cut your teeth on the public version first and see how you fare then we'll talk about the next step.
Of course, that is exactly what /you/ want: to be able to claim that my results are invalid for some reason or other.
if you're unsure if a given exploit technique is in scope just ask me.
(I do have other things to do, so it may be a few days before I have enough time, but no more than a week.)
given that you announced your intention a year ago, i think i can wait a little longer ;).

Apr 29, 2017 · 10:09 PM UTC

did you fix the issue I pointed out… I think it was a few months ago? with rbp/rsp
that nitter.vloup.ch/paxteam/status/8… ? the private version has always had a pass to undo the damage (and more that you aren't aware of yet).
Replying to @comex
you mean the gcc codegen 'feature' when frame ptrs are enabled? imagine it's fixed or frame ptrs are off and work from there.