lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 22 Jan 2010 15:55:11 -0800
From:	Jim Keniston <jkenisto@...ibm.com>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>,
	Ingo Molnar <mingo@...e.hu>,
	Ananth N Mavinakayanahalli <ananth@...ibm.com>,
	utrace-devel <utrace-devel@...hat.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Masami Hiramatsu <mhiramat@...hat.com>,
	Maneesh Soni <maneesh@...ibm.com>, Avi Kivity <avi@...hat.com>,
	Pekka Enberg <penberg@...helsinki.fi>,
	Mel Gorman <mel@....ul.ie>,
	"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [RFC] [PATCH 0/7] UBP, XOL and Uprobes [ Summary of Comments
	and actions to be taken ]


On Fri, 2010-01-22 at 19:06 +0100, Peter Zijlstra wrote:
> On Fri, 2010-01-22 at 12:32 +0530, Srikar Dronamraju wrote:
> 
> > 2. XOL vma vs Emulation vs Single Stepping Inline vs using Protection
> > Rings.
> > 	XOL VMA is an additional process address vma.  This is
> > 	opposition to add an additional vma without user actually
> > 	requesting for the same.
> > 
> > 	XOL vma and single stepping inline are the two architecture
> > 	independent implementations. While other implementations are
> > 	more architecture specific. Single stepping inline wouldnt go
> > 	well with multithreaded process.
> > 
> > 	Even though XOL vma has its own issues, we will go with it since
> > 	other implementations seem to have more complications.
> > 
> > 	we would look forward to implementing boosters later. 
> > 	Later on, if we come across another techniques with lesser
> > 	side-effects than the XOL vma, we would switch to using them.
> 
> How about modifying glibc to reserve like 64 bytes on the TLS structure
> it has and storing the ins and possible boost jmp there? Since each
> thread can only have a single trap at any one time that should be
> enough.

We once implemented something similar, but using an area just beyond the
top of the stack instead of TLS.  We figured it would never pass muster
because we have to temporarily map the page executable (and undo it
after the single-step), and this felt like a big security hole.  I'd
think we'd have the same concern with TLS.

Jim

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ