Why Linux Kernel Security Stalls: Inside KSPP, Stack Clash, and Community Politics

The Linux kernel community does not prioritize security highly; despite several large‑scale exploits in the 2000s, Linus Torvalds still adheres to the "A bug is a bug" philosophy. After a Washington Post expose, the Linux Foundation’s CII launched KSPP (Kernel Self‑Protection Project), bringing engineers from Google, RedHat, Intel, ARM, etc., but for two years it mainly copied PaX/Grsecurity features to satisfy employer KPIs, merging chaotic code into the mainline and hampering PaX/Grsecurity development.

Recently, Qualys exposed the Stack Clash vulnerability, an old exploitation technique that threatens almost all UNIX‑like systems, including GNU/Linux. When maintainer Andy Lutomirski asked how PaX/Grsecurity had fixed it, Linus dismissed Grsecurity as garbage. Surprisingly, after PaX/Grsecurity author Spender revealed some silent kernel fixes, Linus invited the PaX team to contribute directly to the kernel, a rare move given the community’s corporate‑driven composition.

Ironically, part of the Stack Clash fix originated from PaX/Grsecurity code written in 2010. Linus’s dismissal of PaX/Grsecurity therefore also undermines KSPP, which continues to copy its features. The vulnerability CVE‑2017‑1000370 (offset2lib bypass) remains unpatched, with RedHat marking it merely "Under Investigation" while awaiting an upstream kernel fix.

Corporate interests further strain the ecosystem: the Linux Foundation, despite claiming nonprofit status, pays its CEO $490,000 (FY 2014) and maintains close ties with companies like Google. This has limited the kernel’s chance to improve security, prompting the HardenedLinux community to urge users to reassess data‑asset security levels.

Anonymous comment: Linus requires that code merged into the mainstream be logically split, readable, and auditable, both technically and legally. PaX/Grsecurity often submits large, unsplit patches that violate these norms, forcing maintainers to guess logic and split code themselves, which PaX/Grsecurity disparages as "copy‑paste". While KPI‑driven contributions from large vendors dominate, many vendor‑neutral improvements (e.g., Android’s binder, TCP Fast Open, BBR) benefit all users. Nonetheless, political and corporate factors continue to shape kernel development.

Source: Solidot Link: http://www.solidot.org/story?sid=52878