| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150821075449.GA10443@gmail.com> Date: Fri, 21 Aug 2015 09:54:49 +0200 From: Ingo Molnar <mingo@...nel.org> To: Josh Poimboeuf <jpoimboe@...hat.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org, linux-kernel@...r.kernel.org, Michal Marek <mmarek@...e.cz>, Peter Zijlstra <peterz@...radead.org>, Andy Lutomirski <luto@...nel.org>, Borislav Petkov <bp@...en8.de>, Linus Torvalds <torvalds@...ux-foundation.org>, Andi Kleen <andi@...stfloor.org>, Pedro Alves <palves@...hat.com>, Namhyung Kim <namhyung@...il.com>, Bernd Petrovitsch <bernd@...rovitsch.priv.at>, Chris J Arges <chris.j.arges@...onical.com>, live-patching@...r.kernel.org Subject: Re: [PATCH v10 03/20] x86/stackvalidate: Compile-time stack validation * Josh Poimboeuf <jpoimboe@...hat.com> wrote: > +Why do we need stack validation? > +-------------------------------- > + > +Here are some of the benefits of validating stack metadata: > + > +a) More reliable stack traces for frame pointer enabled kernels > + > + Frame pointers are used for debugging purposes. They allow runtime > + code and debug tools to be able to walk the stack to determine the > + chain of function call sites that led to the currently executing > + code. > + > + For some architectures, frame pointers are enabled by > + CONFIG_FRAME_POINTER. For some other architectures they may be > + required by the ABI (sometimes referred to as "backchain pointers"). > + > + For C code, gcc automatically generates instructions for setting up > + frame pointers when the -fno-omit-frame-pointer option is used. > + > + But for asm code, the frame setup instructions have to be written by > + hand, which most people don't do. So the end result is that > + CONFIG_FRAME_POINTER is honored for C code but not for most asm code. > + > + For stack traces based on frame pointers to be reliable, all > + functions which call other functions must first create a stack frame > + and update the frame pointer. If a first function doesn't properly > + create a stack frame before calling a second function, the *caller* > + of the first function will be skipped on the stack trace. > + > + The benefit of stackvalidate here is that it ensures that *all* > + functions honor CONFIG_FRAME_POINTER. As a result, no functions will > + ever [*] be skipped on a stack trace. > + > + [*] unless an interrupt or exception has occurred at the very > + beginning of a function before the stack frame has been created, > + or at the very end of the function after the stack frame has been > + destroyed. This is an inherent limitation of frame pointers. What this section does not point out is the actual effects of missing frame pointer annotations. I.e. how about quoting a before/after stack backtrace to demonstrate it? Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists