| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Feb 2009 10:25:06 -0500 From: Brian Gerst <brgerst@...il.com> To: Tejun Heo <tj@...nel.org> Cc: hpa@...or.com, jeremy@...p.org, tglx@...utronix.de, mingo@...e.hu, linux-kernel@...r.kernel.org, x86@...nel.org, rusty@...tcorp.com.au Subject: Re: [PATCH 11/11] x86: implement x86_32 stack protector On Mon, Feb 9, 2009 at 8:39 AM, Tejun Heo <tj@...nel.org> wrote: > Impact: stack protector for x86_32 > > Implement stack protector for x86_32. GDT entry 28 is used for it. > It's set to point to stack_canary-20 and have the length of 24 bytes. > CONFIG_CC_STACKPROTECTOR turns off CONFIG_X86_32_LAZY_GS and sets %gs > to the stack canary segment on entry. As %gs is otherwise unused by > the kernel, the canary can be anywhere. It's defined as a percpu > variable. > > x86_32 exception handlers take register frame on stack directly as > struct pt_regs. With -fstack-protector turned on, gcc copies the > whole structure after the stack canary and (of course) doesn't copy > back on return thus losing all changed. For now, -fno-stack-protector > is added to all files which contain those functions. We definitely > need something better. > > Signed-off-by: Tejun Heo <tj@...nel.org> Am I missing something, or does this patch not actually implement the offset of the start of the segment by 20 from the stack_canary variable? -- Brian Gerst -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists