lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <p733bbg7jru.fsf@verdi.suse.de>
Date:	28 Aug 2006 21:16:53 +0200
From:	Andi Kleen <ak@...e.de>
To:	"Hanson, Jonathan M" <jonathan.m.hanson@...el.com>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: RBP save and restore on x86-64 system calls

"Hanson, Jonathan M" <jonathan.m.hanson@...el.com> writes:

> 	This may not be a kernel question per se but I was hoping someone on
> this list might be able to shed some light into where RBP is saved to on an
> x86-64 system when a non-tracing system call is made.

It might not be saved at all. The entry code relies on the C ABI
of the kernel code to save it somewhere or just not clobber it.

> 	An ioctl() triggers my kernel module and I need to have a way to
> reliably retrieve what RBP was immediately before the system call. RBP is
> not saved on the process' stack on kernel entry. The code in entry.S says
> that it's up to the C code (which I'm taking to mean glibc)

No, it's the kernel C code. RBP isn't callee clobbered register
so it's not saved.

What you can do is to use the new dwarf2 unwinder that will be in 2.6.18.
It can figure out all the register contents for you if you unwind until
it hits user space. This will require a kernel built with CONFIG_STACK_UNWIND.

There are also still some quirks with it, but for ioctls it should
work.

-Andi
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ