lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 12 Nov 2018 22:54:41 +0900
From:   Masahiro Yamada <yamada.masahiro@...ionext.com>
To:     Kees Cook <keescook@...omium.org>
Cc:     Ingo Molnar <mingo@...hat.com>,
        Thomas Gleixner <tglx@...utronix.de>, X86 ML <x86@...nel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "H. Peter Anvin" <hpa@...or.com>, Borislav Petkov <bp@...en8.de>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Sven Joachim <svenjoac@....de>
Subject: Re: [PATCH] x86: remove gcc-x86_*-has-stack-protector.sh checks

On Mon, Nov 12, 2018 at 5:29 PM Kees Cook <keescook@...omium.org> wrote:
>
> On Sun, Nov 11, 2018 at 9:06 PM, Masahiro Yamada
> <yamada.masahiro@...ionext.com> wrote:
> > gcc-x86_64-has-stack-protector.sh was introduced by commit 4f7fd4d7a791
> > ("[PATCH] Add the -fstack-protector option to the CFLAGS") in 2006
> > to work around buggy compilers.
> >
> > gcc-x86_32-has-stack-protector.sh was introduced by commit 60a5317ff0f4
> > ("x86: implement x86_32 stack protector"), which did not clearly state
> > whether compilers were still producing broken code at that time.
> >
> > Now, the minimum reuquired GCC version is 4.6, which was released in
> > 2011. Probably, we can dump these old compiler checks.
>
> NAK. We need to keep this because we've seen recent regressions with
> stack protection (e.g. gcc briefly used global instead of tls for the
> canary, which silently broke the use of stack protectors). Since the
> gcc/kernel "API" for the canary is so fragile we need to keep these
> tests to make sure things end up where they're expected.

Thanks for your feedback.

I did not know this is still fragile even after ten years time.

One more curious thing is, x86 is the only arch ever
that has had this kind of script check.



-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ