| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Jun 2011 12:39:06 +0200 From: Ingo Molnar <mingo@...e.hu> To: pageexec@...email.hu Cc: Andi Kleen <andi@...stfloor.org>, Andrew Lutomirski <luto@....edu>, x86@...nel.org, Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org, Jesper Juhl <jj@...osbits.net>, Borislav Petkov <bp@...en8.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, Arjan van de Ven <arjan@...radead.org>, Jan Beulich <JBeulich@...ell.com>, richard -rw- weinberger <richard.weinberger@...il.com>, Mikael Pettersson <mikpe@...uu.se>, Brian Gerst <brgerst@...il.com>, Louis Rilling <Louis.Rilling@...labs.com>, Valdis.Kletnieks@...edu Subject: Re: [PATCH v5 8/9] x86-64: Emulate legacy vsyscalls * pageexec@...email.hu <pageexec@...email.hu> wrote: > On 8 Jun 2011 at 12:06, Andi Kleen wrote: > > > > eventually may even go away as time progresses and linux > > > systems begin to fully rely on the vdso instead. > > > > That assumes that everyone uses glibc and also updates their > > userland. As pointed out many times that's a deeply flawed > > assumption. > > i think the assumption is not that everyone uses glibc but that > everyone else (as in, every other libc) can simply take the > necessary changes from glibc, provided they need such changes at > all (i.e., they're using the vsyscall entry points over the vdso > ones). > > i frankly didn't check any of the alternatives myself > (uclibc/klibc/bionic/etc) but i can't imagine that it'd be that > much harder to patch them than glibc. Correct. Also, as i pointed it out in the previous mail, ABI does not mean 'will execute the same instructions', that would be silly. We *do* fix serious wide-scale performance regressions (obviously), but if it's about some weird crazy legacy path that we had good security reasons to change, and which is trivial to performance-improve in the library then we are well within our boundaries to keep the change. > as i said, this was a compromise solution but then i think you > already made it clear that you didn't even think there was a > problem here to solve, so i guess we should work that out first, if > you want to ;). Heh, indeed ;-) Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists