| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <57147837.2030706@zytor.com> Date: Sun, 17 Apr 2016 23:01:27 -0700 From: "H. Peter Anvin" <hpa@...or.com> To: Andy Lutomirski <luto@...capital.net> Cc: Ben Hutchings <ben@...adent.org.uk>, Andy Lutomirski <luto@...nel.org>, X86 ML <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH] x86/entry/x32: Check top 32 bits of syscall number on the fast path On 04/17/16 22:48, Andy Lutomirski wrote: > > I think I prefer the "reject weird input" behavior over the "accept > and normalize weird input" if we can get away with it, and I'm fairly > confident that we can get away with "reject weird input" given that > distro kernels do exactly that already. > It's not "weird", it is the ABI as defined. We have to do this for all the system call arguments, too; you just don't notice it because the compiler does it for us. Some other architectures, e.g. s390, has the opposite convention where the caller is responsible for normalizing the result; in that case we have to do it *again* in the kernel, which is one of the major reasons for the SYSCALL_*() macros. So I'm not sure this is a valid consideration. The reason it generally works is because the natural way for the user space code to work is to load a value into %eax which will naturally zero-extend to %rax, but it isn't inherently required to work that way. -hpa
Powered by blists - more mailing lists