lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 07 Nov 2011 14:51:08 +0900
From:	Mitsuo Hayasaka <mitsuo.hayasaka.hu@...achi.com>
To:	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>,
	Randy Dunlap <rdunlap@...otime.net>
Cc:	x86@...nel.org, linux-kernel@...r.kernel.org,
	linux-doc@...r.kernel.org, yrl.pp-manager.tt@...achi.com
Subject: [RFC PATCH 0/5] x86: check stack overflows more reliably

Hi,

This patch series adds the following three features about stack
overflow checking. The (2) and (3) features work if their options
are enabled.

(1) add user mode vm check
    The kernel stack overflow is checked in stack_overflow_check(),
    which may wrongly detect the overflow if the user stack pointer
    pointed to the kernel stack accidentally. To avoid this misdetection,
    bail out early if the user stack is used.

(2) check stack overflow in detail
    Currently, only kernel stack is checked for the overflow,
    which is not sufficient for enterprise systems. To enhance
    reliability, expand stack overflow checking to IRQ and 
    exception stacks optionally. This is disabled by default
    in Kconfig.

(3) panic on stack overflow
    Currently, kernel messages are output on the detection of 
    stack overflow. Similarly, its's not sufficient for enterprise
    systems since it may corrupt data. To enhance reliability,
    cause a panic for the overflows according to the sysctl parameter.
    This is disabled by default.

Thanks,

---

Mitsuo Hayasaka (5):
      x86: change range of stack overflow checking
      x86: panic on detection of stack overflow
      x86: add a sysctl parameter to panic on stack overflow
      x86: check stack overflow in detail
      x86: add user_mode_vm check in stack_overflow_check


 Documentation/sysctl/kernel.txt |   13 +++++++++++
 arch/x86/Kconfig.debug          |   11 +++++++++
 arch/x86/kernel/irq_32.c        |    2 ++
 arch/x86/kernel/irq_64.c        |   46 ++++++++++++++++++++++++++++++++++++---
 include/linux/kernel.h          |    1 +
 include/linux/sysctl.h          |    1 +
 kernel/sysctl.c                 |    9 ++++++++
 kernel/sysctl_binary.c          |    1 +
 8 files changed, 80 insertions(+), 4 deletions(-)

-- 
Mitsuo Hayasaka (mitsuo.hayasaka.hu@...achi.com)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ