Issues: KSPP/linux


KCFI: Allow distinguishing indirect functions with otherwise identical signature
Labels:
  [Compiler] Clang: An issue in Clang itself needs to be addressed
  enhancement: New feature or request
  [Feature] CFI: Involves Control Flow Integrity
#365 opened Sep 22, 2024 by kees updated Feb 11, 2025

Use a per-task stack canary for stack protector
Labels:
  [ARCH] arm32: Needed on the 32-bit ARM architecture (ARCH=arm)
  [ARCH] mips: Needed on the MIPS architecture (ARCH=mips)
  [ARCH] s390: Needed on the s390 architecture (ARCH=s390)
  [ARCH-done] arm64: Finished on the 64-bit ARM architecture (ARCH=arm64)
  [ARCH-done] powerpc32: Finished on the 32-bit POWER architecture
  [ARCH-done] powerpc64: Finished on the 64-bit POWER architecture
  [ARCH-done] riscv: Finished on the RISC-V architecture (ARCH=riscv)
  [ARCH-done] x86_32: Finished on the 32-bit x86 architecture (ARCH=i386)
  [ARCH-done] x86_64: Finished on the 64-bit x86 architecture (ARCH=x86)
  compiler: Needs compiler support
#29 opened Dec 5, 2019 by kees updated Nov 24, 2024
18 of 33 tasks

Replace uses of snprintf() and vsnprintf()
Labels:
  good first issue: Good for newcomers
  [Refactor] sprintf: Refactor sprintf uses
#105 opened Aug 24, 2020 by alexdewar updated Oct 18, 2024

Detect and avoid ToCToU double-fetch / double-read from userspace
#95 opened Aug 12, 2020 by kees updated Oct 16, 2024

Set BPF region read-only before starting verification
Labels:
  [subsystem] BPF: Related to the BPF subsystem
#154 opened Sep 19, 2021 by kees updated Sep 24, 2024

Improve FORTIFY_SOURCE to detect intra-object overflows
Labels:
  [Feature] FORTIFY_SOURCE: Involves buffer overflow detection
  [Linux] v5.11: Released in Linux kernel v5.11
  [Linux] v5.18: Released in Linux kernel v5.18
  [PATCH] Exists: A patch exists to address the issue
#6 opened Sep 26, 2019 by kees updated Sep 22, 2024
5 of 6 tasks

KCFI: Support -fpatchable-function-entry=N,M where M > 0
Labels:
  [Compiler] Clang: An issue in Clang itself needs to be addressed
  enhancement: New feature or request
  [Feature] CFI: Involves Control Flow Integrity
#366 opened Sep 22, 2024 by kees updated Sep 22, 2024

Separate slab allocations by type
Labels:
  [Defense] type confusion
#189 opened May 5, 2022 by kees updated Aug 23, 2024

Add brute forcing/rapid crash detection and mitigation
Labels:
  [Feature] ASLR: involves address space layout randomization
  [PATCH] Exists: A patch exists to address the issue
  [PATCH] Submitted: A patch has been submitted upstream
  userspace defense: This defense is intended to improve the resilience of userspace programs
#39 opened Mar 11, 2020 by kees updated Jul 23, 2024

Remove all strncpy() uses
Labels:
  good first issue: Good for newcomers
  [Refactor] strcpy: Replace uses of unsafe strcpy-family functions
#90 opened Aug 11, 2020 by kees updated Jul 14, 2024

Kernel base address offset randomization (KASLR)
Labels:
  [ARCH] arm32: Needed on the 32-bit ARM architecture (ARCH=arm)
  [ARCH] powerpc64: Needed on the 64-bit POWER architecture
  [ARCH] riscv: Needed on the RISC-V architecture (ARCH=riscv)
  [ARCH-done] arm64: Finished on the 64-bit ARM architecture (ARCH=arm64)
  [ARCH-done] mips: Finished on the MIPS architecture (ARCH=mips)
  [ARCH-done] powerpc32: Finished on the 32-bit POWER architecture
  [ARCH-done] s390: Finished on the s390 architecture (ARCH=s390)
  [ARCH-done] x86_32: Finished on the 32-bit x86 architecture (ARCH=i386)
  [ARCH-done] x86_64: Finished on the 64-bit x86 architecture (ARCH=x86)
  [Feature] ASLR: involves address space layout randomization
  [PATCH] Exists: A patch exists to address the issue
#3 opened Sep 25, 2019 by kees updated May 22, 2024

x86 KASLR base exposed due to lack of entry trampoline (EntryBleed, CVE-2022-4543)
Labels:
  [ARCH] x86_64: Needed on the 64-bit x86 architecture (ARCH=x86)
  [Defense] information exposure: Provide a defense for an information exposure
#361 opened May 16, 2024 by kees updated May 16, 2024

Enable -Wshadow=local
Labels:
  [Build] Global flag
#152 opened Sep 17, 2021 by kees updated Apr 16, 2024

Enable -Wstringop-truncation
Labels:
  [Build] Global flag
  [PATCH] Exists: A patch exists to address the issue
#144 opened Sep 6, 2021 by kees updated Apr 16, 2024

refactor all tasklet users into other APIs
Labels:
  [Refactor] tasklet removal: Replace tasklet users with threaded IRQs
  robustness: Improve kernel code robustness
#94 opened Aug 11, 2020 by kees updated Mar 11, 2024

Finish converting greybus 0-sized arrays
Labels:
  [Refactor] 0-element array: Conversion away from zero-length array
#349 opened Mar 4, 2024 by kees updated Mar 4, 2024

Detect signed integer wrap-around (overflow and underflow)
Labels:
  compiler: Needs compiler support
#26 opened Dec 5, 2019 by kees updated Feb 27, 2024
3 of 6 tasks

set_memory_*() needs __must_check and atomicity
Labels:
  [ARCH] arm32: Needed on the 32-bit ARM architecture (ARCH=arm)
  [ARCH] arm64: Needed on the 64-bit ARM architecture (ARCH=arm64)
  [ARCH] powerpc64: Needed on the 64-bit POWER architecture
  [ARCH] x86_32: Needed on the 32-bit x86 architecture (ARCH=i386)
  [ARCH] x86_64: Needed on the 64-bit x86 architecture (ARCH=x86)
#7 opened Sep 26, 2019 by kees updated Feb 20, 2024

x86_64: move vdso to mmap region from stack region
Labels:
  [ARCH] x86_64: Needed on the 64-bit x86 architecture (ARCH=x86)
  [Feature] ASLR: involves address space layout randomization
  [PATCH] Submitted: A patch has been submitted upstream
#280 opened Apr 22, 2023 by thestinger updated Feb 10, 2024