lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Nov 2021 16:43:36 +1100 From: Michael Ellerman <mpe@...erman.id.au> To: LEROY Christophe <christophe.leroy@...roup.eu>, Kees Cook <keescook@...omium.org> Cc: kernel test robot <lkp@...el.com>, Benjamin Herrenschmidt <benh@...nel.crashing.org>, Paul Mackerras <paulus@...ba.org>, Sudeep Holla <sudeep.holla@....com>, Peter Zijlstra <peterz@...radead.org>, Nicholas Piggin <npiggin@...il.com>, "Aneesh Kumar K.V" <aneesh.kumar@...ux.ibm.com>, "Eric W. Biederman" <ebiederm@...ssion.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>, "linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org> Subject: Re: [PATCH] powerpc/signal32: Use struct_group() to zero spe regs LEROY Christophe <christophe.leroy@...roup.eu> writes: > Le 18/11/2021 à 21:36, Kees Cook a écrit : >> In preparation for FORTIFY_SOURCE performing compile-time and run-time >> field bounds checking for memset(), avoid intentionally writing across >> neighboring fields. >> >> Add a struct_group() for the spe registers so that memset() can correctly reason >> about the size: >> >> In function 'fortify_memset_chk', >> inlined from 'restore_user_regs.part.0' at arch/powerpc/kernel/signal_32.c:539:3: >> >> include/linux/fortify-string.h:195:4: error: call to '__write_overflow_field' declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning] >> 195 | __write_overflow_field(); >> | ^~~~~~~~~~~~~~~~~~~~~~~~ >> >> Reported-by: kernel test robot <lkp@...el.com> >> Signed-off-by: Kees Cook <keescook@...omium.org> > > Reviewed-by: Christophe Leroy <christophe.leroy@...roup.eu> Acked-by: Michael Ellerman <mpe@...erman.id.au> > However, is it really worth adding that grouping ? Wouldn't it be > cleaner to handle evr[] and acc separately ? Now that we are using > unsafe variants of get/put user performance wouldn't be impacted. Yeah I agree we should be able to do less of these multi-field copies now that we have unsafe get/put user. But I think that's an issue for another patch, Kees' patch is an improvement, even if the code could be improved further in future. Though TBH I'm not sure what the future of SPE support is. Both GCC and glibc have dropped support for it, more than 2 years ago, so it's not clear to me if we should continue to support it in the kernel much longer. cheers
Powered by blists - more mailing lists