{"id":607,"date":"2023-12-06T20:19:56","date_gmt":"2023-12-06T20:19:56","guid":{"rendered":"https:\/\/embeddedor.com\/blog\/?p=607"},"modified":"2024-07-10T16:24:15","modified_gmt":"2024-07-10T22:24:15","slug":"influencing-software-security-the-impact-of-the-kernel-self-protection-project","status":"publish","type":"post","link":"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/","title":{"rendered":"Influencing Software Security: The Impact of the Kernel Self-Protection Project  &#x2694;&#xfe0f;&#x1f6e1;&#xfe0f;&#x1f427;"},"content":{"rendered":"\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title \" >Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/#Compiler_Options_Hardening_Guide\" title=\"Compiler Options Hardening Guide\">Compiler Options Hardening Guide<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/#-Wimplicit-fallthrough\" title=\"-Wimplicit-fallthrough\">-Wimplicit-fallthrough<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/#-fstrict-flex-arrays3\" title=\"-fstrict-flex-arrays=3\">-fstrict-flex-arrays=3<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/#GCC_hardening_features\" title=\"GCC hardening features\">GCC hardening features<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/embeddedor.com\/blog\/2023\/12\/06\/influencing-software-security-the-impact-of-the-kernel-self-protection-project\/#Beyond_the_Linux_kernel\" title=\"Beyond the Linux kernel\">Beyond the Linux kernel<\/a><\/li><\/ul><\/nav><\/div>\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Compiler_Options_Hardening_Guide\"><\/span>Compiler Options Hardening Guide<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On November 29th, the <a href=\"https:\/\/openssf.org\/\">Open Source Security Foundation (OpenSSF)<\/a> released a comprehensive and thorough hardening guide aimed at mitigating potential vulnerabilities in C and C++ code through the use of various hardening compiler options.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/openssf.org\/blog\/2023\/11\/29\/strengthening-the-fort-openssf-releases-compiler-options-hardening-guide-for-c-and-c\/\">Strengthening the Fort &#x1f3f0;: OpenSSF Releases Compiler Options Hardening Guide for C and C++<\/a> (blog post about the guide)<\/li>\n\n\n\n<li><a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++\">Compiler Options Hardening Guide for C and C++<\/a> (the guide)<\/li>\n<\/ul>\n\n\n\n<p>This guide references some of the work we&#8217;ve accomplished over the years in the Kernel Self-Protection Project (KSPP), particularly our efforts to globally enable <a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++#warn-about-implicit-fallthrough-in-switch-statements\">-Wimplicit-fallthrough<\/a> and <a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++#enable-strict-flexible-arrays\">-fstrict-flex-arrays=3<\/a> in the upstream Linux kernel. &#x1f427;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"-Wimplicit-fallthrough\"><\/span>-Wimplicit-fallthrough<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>This warning flag warns when a fallthrough occurs unless it is specially marked as being <em>intended<\/em>. The Linux kernel project uses this flag; it led to the discovery and fixing of many bugs<sup><a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++#fn:Corbet19\">21<\/a><\/sup>.<\/p>\n<\/blockquote>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/lwn.net\/Articles\/794944\/\">An end to implicit fall-throughs in the kernel<\/a> (LWN.net article)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"-fstrict-flex-arrays3\"><\/span>-fstrict-flex-arrays=3<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>In this guide we recommend using the standard C99 flexible array notation <code>[]<\/code> instead of non-standard <code>[0]<\/code> or misleading <code>[1]<\/code>, and then using <code>-fstrict-flex-arrays=3<\/code> to improve bounds checking in such cases. In this case, code that uses <code>[0]<\/code> for a flexible array will need to be modified to use <code>[]<\/code> instead. Code that uses <code>[1]<\/code> for a flexible arrays needs to be modified to use <code>[]<\/code> and also extensively modified to eliminate off-by-one errors. Using <code>[1]<\/code> is not just misleading<sup><a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++#fn:Edge22\">39<\/a><\/sup>, it\u2019s error-prone; beware that <em>existing<\/em> code using <code>[1]<\/code> to indicate a flexible array may <em>currently<\/em> have off-by-one errors<sup><a href=\"https:\/\/best.openssf.org\/Compiler-Hardening-Guides\/Compiler-Options-Hardening-Guide-for-C-and-C++#fn:Cook23\">40<\/a><\/sup>.<\/p>\n<\/blockquote>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/lwn.net\/Articles\/908817\/\">Safer flexible arrays for the kernel<\/a> (LWN.net article)<\/li>\n\n\n\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=V2kzptQG5_A\">Progress On Bounds Checking in C and the Linux Kernel &#8211; Kees Cook, Google &amp; Gustavo A. R. Silva<\/a> (Presentation on YouTube)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"GCC_hardening_features\"><\/span>GCC hardening features<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>The work of Qing Zhao is also referenced in the guide. Qing is making significant contributions to the KSPP by implementing hardening features in GCC, which we want to adopt in the Linux kernel.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/lwn.net\/Articles\/946041\/\">GCC features to help harden the kernel<\/a> (LWN.net article)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Beyond_the_Linux_kernel\"><\/span>Beyond the Linux kernel<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>In conclusion, it&#8217;s quite fulfilling to see the hardening work we undertake in the Kernel Self-Protection Project having a significant influence in the world of software security, beyond the Linux kernel. &#x1f642;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Compiler Options Hardening Guide On November 29th, the Open Source Security Foundation (OpenSSF) released a comprehensive and thorough hardening guide aimed at mitigating potential vulnerabilities in C and C++ code through the use of various hardening compiler options. This guide references some of the work we&#8217;ve accomplished over the years in the Kernel Self-Protection Project&#8230;<\/p>\n","protected":false},"author":1,"featured_media":614,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[13,9,23,24],"tags":[30],"class_list":["post-607","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kernel-self-protection-project","category-linux-kernel-hardening","category-open-source-security","category-quick-post","tag-planet-korg"],"_links":{"self":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/607","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/comments?post=607"}],"version-history":[{"count":15,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/607\/revisions"}],"predecessor-version":[{"id":626,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/607\/revisions\/626"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/media\/614"}],"wp:attachment":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/media?parent=607"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/categories?post=607"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/tags?post=607"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}