| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Oct 2014 17:58:13 -0400 From: Rich Felker <dalias@...c.org> To: David Daney <ddaney@...iumnetworks.com> Cc: David Daney <ddaney.cavm@...il.com>, libc-alpha@...rceware.org, linux-kernel@...r.kernel.org, linux-mips@...ux-mips.org, David Daney <david.daney@...ium.com> Subject: Re: [PATCH resend] MIPS: Allow FPU emulator to use non-stack area. On Mon, Oct 06, 2014 at 02:45:29PM -0700, David Daney wrote: > On 10/06/2014 02:31 PM, Rich Felker wrote: > >On Mon, Oct 06, 2014 at 02:18:19PM -0700, David Daney wrote: > >>>Userspace should play no part in this; requiring userspace to help > >>>make special accomodations for fpu emulation largely defeats the > >>>purpose of fpu emulation. > >> > >>That is certainly one way of looking at it. Really it is opinion, > >>rather than fact though. > > > >It's an opinion, yes, but it has substantial reason behind it. > > > >>GLibc is full of code (see ld.so) that in earlier incantations of > >>Unix/Linux was in kernel space, and was moved to userspace. Given > >>that there is a partitioning of code between kernel space and > >>userspace, I think it not totally unreasonable to consider doing > >>some of this in userspace. > >> > >>Even on systems with hardware FPU, the architecture specification > >>allows for/requires emulation of certain cases (denormals, etc.) So > >>it is already a requirement that userspace cooperate by always > >>having free space below $SP for use by the kernel. So the current > >>situation is that userspace is providing services for the kernel FPU > >>emulator. > >> > >>My suggestion is to change the nature of the way these services are > >>provided by the userspace program. > > > >But this isn't setup by the userspace program. It's setup by the > >kernel on program entry. Despite that, though, I think it's an > >unnecessary (and undocumented!) constraint; the fact that it requires > >the stack to be executable makes it even more harmful and > >inappropriate. > > > > The management of the stack is absolutely done by userspace code. > Any time you do pthread_create(), userspace code does mmap() to > allocate the stack area, it then sets permissions on the area, and > then it passes the address of the area to clone(). This is hardly management. > Furthermore the > userspace code has to be very careful in its use of the $sp > register, so that it doesn't store data in places that will be > used/clobbered by the kernel. This is not "being careful". The stack pointer can never become invalid unless you do wacky things in asm or invoke UB. > All of this is under the control of the userspace program and done > with userspace code. For the most part it just happens by default. There is no particular intentionality needed, and certainly no hideous MIPS-specific hacks needed. > I appreciate the fact that libc authors might prefer *not* to write > more code, but they could, especially if they wanted to add the > feature of non-executable stacks to their library implementation. So your position is that: 1. A non-exec-stack system can only run new code produced to do extra stuff in userspace. 2. The startup code needs to do special work in userspace on MIPS to setup an executable area for fpu emulation. 3. Every call to clone/CLONE_VM needs to be accompanied by a call to mmap and this new syscall to set the address, and every call to SYS_exit needs to be accompanies by a call to munmap for the corresponding mapping. This is a huge ill-designed mess. Rich -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists