| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 22 Aug 2012 19:14:17 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Andi Kleen <andi@...stfloor.org> CC: linux-kernel@...r.kernel.org, x86@...nel.org, mmarek@...e.cz, linux-kbuild@...r.kernel.org, JBeulich@...e.com, akpm@...ux-foundation.org, Andi Kleen <ak@...ux.intel.com> Subject: Re: [PATCH 74/74] lto, workaround: Mark do_futex noinline to prevent clobbering ebp On 08/22/2012 05:17 PM, H. Peter Anvin wrote: > On 08/18/2012 07:57 PM, Andi Kleen wrote: >> From: Andi Kleen <ak@...ux.intel.com> >> >> On a 32bit build gcc 4.7 with LTO decides to clobber the 6th argument on the >> stack. Unfortunately this corrupts the user EBP and leads to later crashes. >> For now mark do_futex noinline to prevent this. >> >> I wish there was a generic way to handle this. Seems like a ticking time >> bomb problem. >> > > There is a generic way to handle this. This is actually a bug in Linux > that has been known for at least 15 years and which we keep hacking around. > > The right thing to do is to change head_32.S to not violate the i386 > ABI. Arguments pushed (by value) on the stack are property of the > callee, that is, they are volatile, so the hack of making them do double > duty as both being saved and passed as arguments is just plain bogus. > The problem is that it works "just well enough" that people (including > myself) keep hacking around it with hacks like this, with assembly > macros, and whatnot instead of fixing the root cause. > > -hpa > Just a clarification (Andi knows this, I'm sure, but others might not): this wasn't done the way it is for no reason; back when Linus originally wrote the code, i386 passed *all* arguments on the stack, and we still do that for "asmlinkage" functions on i386. Since gcc back then rarely if ever mucked with the stack arguments, it made sense to make them "double duty." Fixing this really should entail changing the invocation of system calls on i386 to use the regparm convention, which means we only need to push three arguments twice, rather than six. -hpa -- H. Peter Anvin, Intel Open Source Technology Center I work for Intel. I don't speak on their behalf. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists