| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 Mar 2016 17:20:46 +0100
From: Ingo Molnar <mingo@...nel.org>
To: Stas Sergeev <stsp@...t.ru>
Cc: linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
Borislav Petkov <bp@...e.de>, Brian Gerst <brgerst@...il.com>,
Oleg Nesterov <oleg@...hat.com>,
Richard Weinberger <richard@....at>,
Stas Sergeev <stsp@...rs.sourceforge.net>
Subject: Re: [PATCH] [Cleanup] x86: signal: unify the sigaltstack check with
other arches
* Stas Sergeev <stsp@...t.ru> wrote:
> 25.02.2016 11:25, Ingo Molnar пишет:
> >
> > * Stas Sergeev <stsp@...t.ru> wrote:
> >
> >> Currently x86's get_sigframe() checks for "current->sas_ss_size"
> >> to determine whether there is a need to switch to sigaltstack.
> >> The common practice used by all other arches is to check for
> >> sas_ss_flags(sp) == 0
> >>
> >> This patch makes the code consistent with other arches.
> >> The slight complexity of the patch is added by the optimization on
> >> !sigstack check that was requested by Andy Lutomirski: sas_ss_flags(sp)==0
> >> already implies that we are not on a sigstack, so the code is shuffled
> >> to avoid the duplicate checking.
> >
> > So this changelog is missing an analysis about what effect this change will have
> > on applications. Can any type of user-space code see a change in behavior? If yes,
> > what will happen and is that effect desirable?
> This is a clean-up, and as such, there is no visible effect.
> If there is - it is a bug.
> The purpose of this patch is only to unify the x86 code with
> what all the other arches do. It was initially the part of the
> rejected series, but now it is just a clean-up.
Ok, so AFAICS the relevant change is:
- if (current->sas_ss_size)
- sp = current->sas_ss_sp + current->sas_ss_size;
+ if (sas_ss_flags(sp) == 0)
+ sp = current->sas_ss_sp + current->sas_ss_size;
and since sas_ss_flags() is defined as:
static inline int sas_ss_flags(unsigned long sp)
{
if (!current->sas_ss_size)
return SS_DISABLE;
return on_sig_stack(sp) ? SS_ONSTACK : 0;
}
sas_ss_flags() returns 0 iff current->sas_ss_size && !on_sig_stack().
But we already have on_sig_stack(sp) calculated. Why not write that as:
+ if (current->sas_ss_size && !onsigstack)
+ sp = current->sas_ss_sp + current->sas_ss_size;
and since we check '!onsigstack' in both branches, we might as well factor it out
into a single condition ... and arrive to the exact code that we began with.
So what happened is that every other arch has a non-optimal version of this
function.
And if you look at the x86-32 defconfig build size difference:
text data bss dec hex filename
4155 0 0 4155 103b signal.o.before
4299 0 0 4299 10cb signal.o.after
i.e. your patch increases the generated code size. So I don't see the upside.
If this is really duplicated across architectures then we should perhaps try to
factor out this check into kernel/signal.c or so, and share it between
architectures more seriously?
Thanks,
Ingo
Powered by blists - more mailing lists