lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 21 Feb 2012 10:54:32 -0800
From:	Andrew Lutomirski <luto@....edu>
To:	"H. Peter Anvin" <hpa@...or.com>
Cc:	linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org,
	mingo@...nel.org, tglx@...utronix.de,
	torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
	hjl.tools@...il.com
Subject: Re: [PATCH 30/30] x32: Add x32 VDSO support

On Tue, Feb 21, 2012 at 9:51 AM, H. Peter Anvin <hpa@...or.com> wrote:
> On 02/21/2012 08:52 AM, Andrew Lutomirski wrote:
>>>
>>>
>>> What about non-glibc?
>>
>>
>> IMO non-glibc users should just call __vdso_clock_gettime, etc.
>> Currently, code like:
>>
>> if (clock_gettime(whatever) == -1)
>>   handle_the_error();
>>
>> is correct when linked against glibc but incorrect when linked
>> directly against the vdso.
>>
>
> The issue is what uclibc, Bionic, etc. actually do.

AFAICS Bionic only works on x86-32 and calls clock_gettime via
hardcoded int 0x80, written in assembly (!).  uclibc calls
__vdso_getcpu and does not seem to use the other vdso calls.  On a
cursory inspection, klibc uses neither the vsyscall page nor the vdso.

I doubt that there's any existing libc replacement that uses the
non-prefixed vdso entries and that already works on x32 -- that would
be impressive.  I'm not suggesting changing anything in the x86-64
vdso.

uclibc hardcodes a call to the vsyscall gettimeofday implementation in
its locking primitives, which probably gives terrible performance, but
that's a separate issue.  I think do_emulate_vsyscall should send a
segfault if called by an x32 task -- there's some security benefit to
doing so, and there's unlikely to be any downside.

--Andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ