| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160112193710.GM30558@pd.tnic>
Date: Tue, 12 Jan 2016 20:37:10 +0100
From: Borislav Petkov <bp@...en8.de>
To: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
linux-kernel@...r.kernel.org, live-patching@...r.kernel.org,
Michal Marek <mmarek@...e.cz>,
Peter Zijlstra <peterz@...radead.org>,
Andy Lutomirski <luto@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andi Kleen <andi@...stfloor.org>,
Pedro Alves <palves@...hat.com>,
Namhyung Kim <namhyung@...il.com>,
Bernd Petrovitsch <bernd@...rovitsch.priv.at>,
Chris J Arges <chris.j.arges@...onical.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Jiri Slaby <jslaby@...e.cz>,
Arnaldo Carvalho de Melo <acme@...nel.org>
Subject: Re: [PATCH v15 13/25] x86/reboot: Add ljmp instructions to stacktool
whitelist
On Tue, Jan 12, 2016 at 12:56:06PM -0600, Josh Poimboeuf wrote:
> I'd say those are all weird things that C code should _normally_ not do
> (especially emitting fake instructions!).
The kernel does weird things, that's fine.
> Generally I agree (but I don't know what other tools you're talking
> about which require adding clutter).
kasan and kmemleak, for example.
> As I said there's hopefully only a handful of code locations which
> need the STACKTOOL_IGNORE stuff.
Can you get rid of them too?
> For example, how can it possibly grok a fake xen instruction without
> some kind of a whitelist, either hard-coded in the tool or annotated
> some other way?
I'd much prefer a whitelist which the tool parses, loads, etc, if you
don't want to hardcode it, to annotating kernel code.
> For example, how can it possibly grok a fake xen instruction without
> some kind of a whitelist, either hard-coded in the tool or annotated
> some other way?
Pointer to the place? I could take a look when I get a chance.
> Saying nothing at all in order to prevent false positives would also
> by definition allow some false negatives, which would make stacktool
> useless for its intended purpose of enabling reliable stack traces.
I'd take output from the tool anyday of the week which says something
like: "Looka here, this looks funny, you might want to do something
about it." than imposing annotations on code.
It might even move people into rewriting the code into tool-compliant
version.
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
Powered by blists - more mailing lists