lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 27 Feb 2008 08:26:17 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Roland McGrath <roland@...hat.com>
Cc:	Thomas Gleixner <tglx@...utronix.de>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org,
	Tomasz Grobelny <tomasz@...belny.oswiecenia.net>
Subject: Re: [PATCH] x86 tls prevent_tail_call


* Roland McGrath <roland@...hat.com> wrote:

> The x86 TLS cleanup in commit efd1ca52d04d2f6df337a3332cee56cd60e6d4c4 
> made the sys_set_thread_area and sys_get_thread_area functions ripe 
> for tail call optimization.  If the compiler chooses to use it for 
> them, it can clobber the user trap frame because these are asmlinkage 
> functions.

thanks, applied.

>  asmlinkage int sys_set_thread_area(struct user_desc __user *u_info)
>  {
> -	return do_set_thread_area(current, -1, u_info, 1);
> +	int ret = do_set_thread_area(current, -1, u_info, 1);
> +	prevent_tail_call(ret);
> +	return ret;

i'm wondering, have you seen this happen in practice? We use 
sys_set_thread_area() for every new task started up. I guess we havent 
seen problems in the field yet because this early during startup tasks 
do not normally receive signals? (or if they do they are fatal and no 
user signal context is used.)

btw., gcc 4.2.3 doesnt do it due to CONFIG_FRAME_POINTERS=y here, and 
most distros turn on frame pointers.

btw., this whole thing of us having to notice such tail-optimization 
incidents is totally fragile and unreliable. Shouldnt there be a "dont 
tail-optimize me" attribute which we could stick into asmlinkage? 
Perhaps sparse could detect asmlinkage functions that do not do 
prevent_tail_call()s?

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ