| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 7 Jan 2016 11:16:13 -0800 From: Kees Cook <keescook@...omium.org> To: Geert Uytterhoeven <geert@...ux-m68k.org> Cc: Russell King - ARM Linux <linux@....linux.org.uk>, Arnd Bergmann <arnd@...db.de>, Simon Horman <horms+renesas@...ge.net.au>, Geert Uytterhoeven <geert+renesas@...der.be>, Laurent Pinchart <laurent.pinchart@...asonboard.com>, Magnus Damm <damm+renesas@...nsource.se>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v3] ARM: fix atags_to_fdt with stack-protector-strong On Thu, Jan 7, 2016 at 11:11 AM, Geert Uytterhoeven <geert@...ux-m68k.org> wrote: > Hi Kees, > > On Thu, Jan 7, 2016 at 7:40 PM, Kees Cook <keescook@...omium.org> wrote: >>> Also, I suspect that all of the decompressor should be built with >>> -fno-stack-protector as we don't have sufficient environment here. >>> Maybe it should be placed in the global CFLAGS for the decompressor? >> >> I prefer keeping it disabled in as narrow a range as possible. If >> other code gains a level of complexity that it triggers the stack >> protector code insertion, I think that's worth examining when it >> happens. If this ever becomes an actual burden, then yeah, let's do it >> for the whole decompressor, but I think it'd be best to revisit it if >> it happens again. > > What's the failure mode if the stack protector code insertion is triggered? AIUI, this code shouldn't even link if the ssp code gets inserted since it can't resolve __stack_chk_fail. -Kees -- Kees Cook Chrome OS & Brillo Security
Powered by blists - more mailing lists