Message-ID: <CAMuHMdV5yA8yyhao8SLCTWmo8bjof-BMQRK_UW+GUGE8pvAdUA@mail.gmail.com>
Date:	Fri, 9 May 2014 20:21:40 +0200
From:	Geert Uytterhoeven <geert@...ux-m68k.org>
To:	Thomas Gleixner <tglx@...utronix.de>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: I'll queue a patch for 3.11 which removes the #ifdef... (was: Re:
 idle: Add the stack canary init to cpu_startup_entry())

On Thu, Jun 20, 2013 at 8:31 PM, Linux Kernel Mailing List
<linux-kernel@...r.kernel.org> wrote:
> Gitweb:     http://git.kernel.org/linus/;a=commit;h=d7880812b3594d3c6dcbe3cfd71dabb17347d082
> Commit:     d7880812b3594d3c6dcbe3cfd71dabb17347d082
> Parent:     c7788792a5e7b0d5d7f96d0766b4cb6112d47d75
> Author:     Thomas Gleixner <tglx@...utronix.de>
> AuthorDate: Mon Jun 10 16:52:03 2013 +0200
> Committer:  Thomas Gleixner <tglx@...utronix.de>
> CommitDate: Tue Jun 11 22:04:47 2013 +0200
>
>     idle: Add the stack canary init to cpu_startup_entry()
>
>     Moving x86 to the generic idle implementation (commit 7d1a9417 "x86:
>     Use generic idle loop") wreckaged the stack protector.
>
>     I stupidly missed that boot_init_stack_canary() must be inlined from a
>     function which never returns, but I put that call into
>     arch_cpu_idle_prepare() which of course returns.
>
>     I pondered to play tricks with arch_cpu_idle_prepare() first, but then
>     I noticed, that the other archs which have implemented the
>     stackprotector (ARM and SH) do not initialize the canary for the
>     non-boot cpus.
>
>     So I decided to move the boot_init_stack_canary() call into
>     cpu_startup_entry() ifdeffed with an CONFIG_X86 for now. This #ifdef
>     is just a temporary measure as I don't want to inflict the
>     boot_init_stack_canary() call on ARM and SH that late in the cycle.
>
>     I'll queue a patch for 3.11 which removes the #ifdef if the ARM/SH
>     maintainers have no objection.

Any progress here?

>     Reported-by: Wouter van Kesteren <woutershep@...il.com>
>     Cc: x86@...nel.org
>     Cc: Russell King <linux@....linux.org.uk>
>     Cc: Paul Mundt <lethal@...ux-sh.org>
>     Signed-off-by: Thomas Gleixner <tglx@...utronix.de>

> diff --git a/kernel/cpu/idle.c b/kernel/cpu/idle.c
> index d5585f5..bf2ee1a 100644
> --- a/kernel/cpu/idle.c
> +++ b/kernel/cpu/idle.c

> @@ -112,6 +113,21 @@ static void cpu_idle_loop(void)
>
>  void cpu_startup_entry(enum cpuhp_state state)
>  {
> +       /*
> +        * This #ifdef needs to die, but it's too late in the cycle to
> +        * make this generic (arm and sh have never invoked the canary
> +        * init for the non boot cpus!). Will be fixed in 3.11
> +        */
> +#ifdef CONFIG_X86
> +       /*
> +        * If we're the non-boot CPU, nothing set the stack canary up
> +        * for us. The boot CPU already has it initialized but no harm
> +        * in doing it again. This is a good place for updating it, as
> +        * we wont ever return from this function (so the invalid
> +        * canaries already on the stack wont ever trigger).
> +        */
> +       boot_init_stack_canary();
> +#endif
>         current_set_polling();
>         arch_cpu_idle_prepare();
>         cpu_idle_loop();
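
Review bot: the "#ifdef CONFIG_X86" around boot_init_stack_canary() in cpu_startup_entry() leaves non-boot CPUs on arm and sh without canary initialization, as the first comment itself admits, and "Will be fixed in 3.11" is the only thing tracking the removal. Make the call unconditional in this generic function once the ARM and SH maintainers have acked it, and delete the first comment in the same change. The second comment should state as a requirement that the call must stay in a function that never returns, so it is not later moved back into a helper such as arch_cpu_idle_prepare(), which returns; "wont" should read "won't" in both places.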

Gr{oetje,eeting}s,

                        Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds
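
The ordering constraint from the quoted commit message (re-seed the canary only in a function that never returns), as an added user-space model that is not part of the original mail or the kernel source. The single global guard, the PROLOGUE/EPILOGUE macros and the names model_init_canary, prepare_that_returns and idle_step are hypothetical stand-ins, and the canary values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of a stack protector: one guard value, copied into every frame. */
static uintptr_t guard;
static unsigned failures;            /* stands in for __stack_chk_fail() */
#define PROLOGUE() uintptr_t frame_canary = guard
#define EPILOGUE() do { if (frame_canary != guard) failures++; } while (0)

/* Hypothetical stand-in for the inlined boot_init_stack_canary(). */
static void model_init_canary(void) { guard = 0x2222; /* constructed */ }

/* Pre-fix placement: re-seed inside a helper that returns to its caller. */
static void prepare_that_returns(void)
{
    PROLOGUE();                      /* frame saves the old guard */
    model_init_canary();
    EPILOGUE();                      /* old canary vs. new guard: mismatch */
}

/* Any function called after the re-seed: its frame sees the new guard. */
static void idle_step(void)
{
    PROLOGUE();
    EPILOGUE();
}

unsigned run_prefix_placement(void)
{
    guard = 0x1111; failures = 0;    /* constructed boot-time value */
    prepare_that_returns();
    idle_step();
    return failures;
}

/* Post-fix placement: re-seed in the entry function. The real function
 * never returns; the bounded loop and return exist only for the model. */
unsigned run_postfix_placement(int iterations)
{
    guard = 0x1111; failures = 0;
    PROLOGUE();                      /* stale canary stays in this frame */
    model_init_canary();
    for (int i = 0; i < iterations; i++)
        idle_step();
    (void)frame_canary;              /* no epilogue ever compares it */
    return failures;
}

int main(void) { printf("pre-fix: %u, post-fix: %u\n", run_prefix_placement(), run_postfix_placement(3)); return 0; }
```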