Navigation: Linux Kernel Driver DataBase - web LKDDB: Main index - R index

CONFIG_RANDOMIZE_KSTACK_OFFSET: Support for randomizing kernel stack offset on syscall entry

General informations

The Linux kernel configuration item CONFIG_RANDOMIZE_KSTACK_OFFSET:

prompt: Support for randomizing kernel stack offset on syscall entry
type: bool
depends on: ( CONFIG_EXPERT ) && ( CONFIG_HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET ) && ( CONFIG_INIT_STACK_NONE || ! CONFIG_CC_IS_CLANG || CONFIG_CLANG_VERSION >= CONFIG_140000 )
defined in arch/Kconfig
found in Linux kernels: 5.18–5.19, 6.0–6.11, 6.12-rc+HEAD

Help text

The kernel stack offset can be randomized (after pt_regs) by roughly 5 bits of entropy, frustrating memory corruption attacks that depend on stack address determinism or cross-syscall address exposures.

The feature is controlled via the "randomize_kstack_offset=on/off" kernel boot param, and if turned off has zero overhead due to its use of static branches (see JUMP_LABEL).

If unsure, say Y.

Hardware

LKDDb

Raw data from LKDDb:

(none)

Sources

This page is automaticly generated with free (libre, open) software lkddb(see lkddb-sources).

The data is retrived from:

Linux kernel
Linux Kernel Driver DataBase (LKDDb)

Automatic links from Google (and ads)

Custom Search

Popular queries:

Navigation: Linux Kernel Driver DataBase - web LKDDB: main index - R index

Automatically generated (in year 2024). See also LKDDb sources on GitLab