lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu,  4 Sep 2014 15:50:22 +0100
From:	Aaron Tomlin <atomlin@...hat.com>
To:	peterz@...radead.org
Cc:	mingo@...hat.com, dzickus@...hat.com, bmr@...hat.com,
	jcastillo@...hat.com, atomlin@...hat.com, oleg@...hat.com,
	pzijlstr@...hat.com, riel@...hat.com, linux-kernel@...r.kernel.org,
	tglx@...utronix.de, x86@...nel.org, rostedt@...dmis.org,
	hannes@...xchg.org, aneesh.kumar@...ux.vnet.ibm.com,
	akpm@...ux-foundation.org, linuxppc-dev@...ts.ozlabs.org,
	minchan@...nel.org
Subject: [PATCH 0/2] sched: Always check the integrity of the canary

Currently in the event of a stack overrun a call to schedule()
does not check for this type of corruption. This corruption is
often silent and can go unnoticed. However once the corrupted
region is examined at a later stage, the outcome is undefined
and often results in a sporadic page fault which cannot be
handled.

The first patch provides a helper to determine the integrity
of the canary. While the second patch checks for a stack
overrun and takes appropriate action since the damage is
already done, there is no point in continuing.

Aaron Tomlin (2):
  sched: Add helper for task stack page overrun checking
  sched: BUG when stack end location is over written

 arch/powerpc/mm/fault.c    | 6 ++----
 arch/x86/mm/fault.c        | 5 +----
 include/linux/sched.h      | 3 +++
 kernel/sched/core.c        | 3 +++
 kernel/trace/trace_stack.c | 5 ++---
 5 files changed, 11 insertions(+), 11 deletions(-)

-- 
1.9.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ