4.10 is around the corner, afterwards it's time for 4.4. gives us time to find out any outstanding issues too.
today's grsecurity release for linux 4.9 adds the promised return checking to the public version of RAP: grsecurity.net/rap_announce_… @epakskape
3
97
2
74
excellent, now all you need is RAP and you're the best in the business ;). congrats, you 'got it' before anyone else!
1
1
8
undergrad C test by the linux stable series maintainer (@gregkh): openwall.com/lists/kernel-ha…
1
8
6
sry, was too terse, it applies to executable and RELRO mappings only. not that if any of that matters here.
1
in xen/hvm everything should work i think, only paravirt (dom0) is problematic for KERNEXEC/UDEREF.
1
5
i doubt grsec detects ret2libc anywhere in userland, you'd need something like RAP to recompile userland first (works here ;).