lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <73c1f2160901172346k3d6170eeqd733724e3af84e95@mail.gmail.com>
Date:	Sun, 18 Jan 2009 02:46:15 -0500
From:	Brian Gerst <brgerst@...il.com>
To:	Tejun Heo <tj@...nel.org>
Cc:	Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 16/17] x86-64: Remove the PDA

On Sat, Jan 17, 2009 at 11:52 PM, Tejun Heo <tj@...nel.org> wrote:
> Hello,
>
> Brian Gerst wrote:
>> Now that the PDA is empty except for the stack canary, it can be removed.
>> The irqstack is moved to the start of the per-cpu section.  If the stack
>> protector is enabled, the canary overlaps the bottom 48 bytes of the irqstack
>> on SMP.  On UP it is a seperate variable, since it is the only thing referenced
>> via %gs.
>
> Eh... I don't know.  Locating stack canary at hard 40byte offset is a
> dirty thing to do one way or another.  I kind of like doing it
> directly in the linker script as it makes the dirty nature more
> obvious and doesn't require hunting down the definition in the first
> section.
>
> How about something like the following?
>
> #define CANARY_OFFSET   40
> #define CANARY_SIZE     8
>
> DECLARE_PER_CPU(unsigned long, stack_canary);
>
> and in linker script,
>
> PERCPU_VADDR_PREALLOC(0, :percpu, CANARY_OFFSET + CANARY_SIZE)
> per_cpu__stack_canary = __per_cpu_start + CANARY_OFFSET;
>

The thing I don't like about the prealloc method is that it puts the
page-aligned variables at the end.  This leaves a gap which is
unavailable for dynamic allocations.  Stealing 48 bytes from the
bottom of the irqstack (which is 16k) keeps the page-aligned section
at the start.  It's really no different than how the thread_info
structure sits at the bottom of the process stack.

How about something like:
union irq_stack_union {
	char irq_stack[IRQSTACKSIZE];
	struct {
		char pad[40];
		unsigned long stack_canary;
	}
};

That documents the overlay better, and avoids having to touch the linker script.

--
Brian Gerst
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ