lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 25 Jul 2017 11:09:44 +0200
From:   Ingo Molnar <mingo@...nel.org>
To:     Josh Poimboeuf <jpoimboe@...hat.com>
Cc:     x86@...nel.org, linux-kernel@...r.kernel.org,
        live-patching@...r.kernel.org,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Andy Lutomirski <luto@...nel.org>, Jiri Slaby <jslaby@...e.cz>,
        "H. Peter Anvin" <hpa@...or.com>,
        Peter Zijlstra <peterz@...radead.org>,
        Mike Galbraith <efault@....de>
Subject: Re: [PATCH v3 00/10] x86: ORC unwinder (previously undwarf)


* Josh Poimboeuf <jpoimboe@...hat.com> wrote:

> On Wed, Jul 12, 2017 at 09:27:50PM +0200, Ingo Molnar wrote:
> > Maybe we could offer a menu of unwinders - i.e. make the whole Kconfig interface a 
> > bit nicer:
> > 
> >   CONFIG_UNWINDER_FRAME_POINTER
> >   CONFIG_UNWINDER_ORC
> >   CONFIG_UNWINDER_GUESS
> > 
> > ... or so?
> 
> So far I haven't been able to figure out how to make the above three
> options into a multiple choice selection, such that allnoconfig selects
> CONFIG_UNWINDER_GUESS and alldefconfig selects
> CONFIG_UNWINDER_FRAME_POINTER.

I don't think that's a problem: the scheduler preemption model Kconfig setup has 
similar behavior - allyesconfig does not enable CONFIG_PREEMPT=y.

The new x86 default will eventually be the Orc unwinder, but not initially.

> > I wouldn't mind making CONFIG_UNWINDER_ORC the new default either, due to the 
> > non-trivial speedup it offers - but maybe folks would object?
> 
> Personally I wouldn't have an objection to making ORC the default, though we 
> should probably wait to give it some burn-in time first.

Sure, that's what testing is for.

> If we *do* decide to eventually make it the default, we could flip the switch at 
> the same time we introduced the multiple-choice config and rename above.  That 
> way, users of "make oldconfig" would see the change and would be encouraged to 
> switch ORC.

I disagree, as the current Kconfig layout actively hinders the 'more testing' 
part: you can only enable Orc if you knew how to do it, and 99% of our testers 
won't bother. In practice that's a testing coverage that is close to not testing 
it at all ...

> > > > CONFIG_FRAME_POINTERS et al would be left for architectures where it has a meaning 
> > > > beyond backtrace generation. (Not sure whether there's any such architectures.)
> > > 
> > > Well, on x86, hardened usercopy relies on frame pointers, but not the
> > > unwinder.  It does the frame pointer walk manually to avoid the full
> > > unwinder overhead.  See arch_within_stack_frames().

BTW., I think this aspect of the hardened user-copy is crazy stuff - there can be 
many stack frames, and this adds a serious amount of overhead even with frame 
pointers...

I think the current behavior is fine: if frame pointers are disabled then 
arch_within_stack_frames() returns NOT_STACK. Maybe it could do a few sanity 
checks: we do know the kernel stack range and we could check alignment as well.

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ