| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <54985F05.2040603@oracle.com> Date: Mon, 22 Dec 2014 13:12:21 -0500 From: Sasha Levin <sasha.levin@...cle.com> To: Andrey Ryabinin <ryabinin.a.a@...il.com>, "Eric W. Biederman" <ebiederm@...ssion.com> CC: LKML <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Al Viro <viro@...iv.linux.org.uk>, "davej @mail.xmission.com>> Dave Jones" <davej@...hat.com> Subject: Re: fs: proc: gpf in find_entry On 12/22/2014 12:52 PM, Andrey Ryabinin wrote: > 2014-12-22 18:51 GMT+03:00 Eric W. Biederman <ebiederm@...ssion.com>: >> These two instructions: >>>> 11: 4d 85 ff test %r15,%r15 >>>> 14: 0f 84 de 01 00 00 je 0x1f8 >> >> Should prevent a NULL %r15 value from ever reaching the trapping >> instruction. > > If they were executed, then yes. But I think there was jump from somewhere > to the instructions below those two. There is indeed a jump direct to that point, which avoids the %r15 check. >> What other horrible things does KASAN do to the machine code? >> > > kasan insert something like following before any memory access: > > s8 *shadow_addr = (add >> 3) + shadow_offset; > > if (unlikely(*shadow_addr)) > if (unlikely(addr & 7 >= *shadow_addr)) > report_bug(addr); > > > I suspect that Sasha is using kasan along with ubsan. > In that case generated code much more horrid. It's not *that* bad :) Thanks, Sasha -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists