lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 2 Feb 2022 01:25:33 -0800
From:   Dan Li <ashimida@...ux.alibaba.com>
To:     Ard Biesheuvel <ardb@...nel.org>, gcc-patches@....gnu.org,
        Richard Earnshaw <richard.earnshaw@....com>,
        marcus.shawcroft@....com, Kyrylo Tkachov <kyrylo.tkachov@....com>,
        hp@....gnu.org, Nick Desaulniers <ndesaulniers@...gle.com>,
        nsz@....gnu.org, pageexec@...il.com, qinzhao@....gnu.org,
        linux-hardening@...r.kernel.org,
        Peter Collingbourne <pcc@...gle.com>,
        Sami Tolvanen <samitolvanen@...gle.com>,
        Kees Cook <keescook@...omium.org>, richard.sandiford@....com
Subject: Re: [PING^3][PATCH,v2,1/1,AARCH64][PR102768] aarch64: Add compiler
 support for Shadow Call Stack



On 1/31/22 08:26, Richard Sandiford wrote:
> Thanks for the discussion and sorry for the slow reply, was out most of
> last week.
> 
> Dan Li <ashimida@...ux.alibaba.com> writes:
>> Thanks, Ard,
>>
>> On 1/26/22 00:10, Ard Biesheuvel wrote:
>>> On Wed, 26 Jan 2022 at 08:53, Dan Li <ashimida@...ux.alibaba.com> wrote:
>>>>
>>>> Hi, all,
>>>>
>>>> Sorry for bothering.
>>>>
>>>> I'm trying to commit aarch64 scs code to the gcc and there is an issue
>>>> that I'm not sure about, could someone give me some suggestions?
>>>> (To avoid noise, I did't cc PING^3 [1] to the kernel mail list :) )
>>>>
>>> So omitting the load of X30 from the ordinary stack seems fine to me.
> 
> OK, thanks.  Let's go with that for now then.  There would still be
> time to change our minds before GCC 12 is released, if anyone feels
> that patching SCS code would be useful.
>> Reading it back, I think my previous message came across as sounding
> like a complaint against binary patching, which wasn't the case at all.
> I think it would be fine to support patching, even if it was just for a
> single vendor rather than expected to be a common case.  It's just that,
> if we did want to support it, we'd need to document it as a requirement
> (at least within GCC) and change the implementation accordingly.
> 
Got it, then I'll implement this feature as discussed above and see
if we could add additional options for SCS later.

Thanks,
Dan

Powered by blists - more mailing lists