| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150428142655.GG5029@twins.programming.kicks-ass.net> Date: Tue, 28 Apr 2015 16:26:55 +0200 From: Peter Zijlstra <peterz@...radead.org> To: Josh Poimboeuf <jpoimboe@...hat.com> Cc: Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, Michal Marek <mmarek@...e.cz>, x86@...nel.org, live-patching@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/2] x86, stackvalidate: Compile-time stack frame pointer validation On Tue, Apr 28, 2015 at 09:21:05AM -0500, Josh Poimboeuf wrote: > > > I tried that, but I discovered that gcc's usage of frame pointers would > > > be a lot harder to validate. It only sets up the frame pointer in code > > > paths which have call instructions. There are a lot of functions which > > > have conditional jumps at the beginning which can jump straight to a > > > return instruction without first doing the frame pointer setup. > > > > Hmm, would not such code break your patching? > > No, because we'll also do some runtime stack validation (which will be a > future patch set). If we detect preemption or an irq frame on the > stack, we'll assume the stack is unreliable and delay the patching of > the task (*). Ah, which fixes your second issue too (the interrupt before frame setup). OK. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists