lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 10 Jun 2015 16:11:04 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	Josh Poimboeuf <jpoimboe@...hat.com>
Cc:	Andi Kleen <andi@...stfloor.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>,
	"H. Peter Anvin" <hpa@...or.com>, Michal Marek <mmarek@...e.cz>,
	Peter Zijlstra <peterz@...radead.org>,
	Andy Lutomirski <luto@...nel.org>,
	Borislav Petkov <bp@...en8.de>,
	Linus Torvalds <torvalds@...ux-foundation.org>, x86@...nel.org,
	live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5 00/10] x86/asm: Compile-time asm code validation

> In most cases there are ways to keep the optimizations.  For example:
> 
> - grow the function bounds to keep the jump internal

So you mean moving it after the ret? That still means icache bloat.

> - duplicate the destination code inside the function
> - convert the jump to a call

That all won't work for a lot of cases.


> Also note that these rules only affect _callable_ functions, so the
> entry code and other non-function asm code can still be a pile of
> spaghetti (though I think Andy is working on improving that).

Thank you for your kind words.

> > In fact even gcc with the right options can generate code that violates
> > this. Standard Linux constructions, such as exception handling,
> > also violate this.
> >
> > If your tool needs that your tool is broken.
> 
> This tool only validates asm code, so I don't see how whatever gcc does
> is relevant.

Whoever needs it would need it everywhere, right? If it's not needed
for gcc then it shouldn't be needed for assembler code either.

BTW the way gcc handles it is to use the dwarf 4 extensions that
can describe non contiguous sections.`

-Andi
-- 
ak@...ux.intel.com -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ