lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4477439.hqSlFvdEBH@wuerfel>
Date:	Tue, 21 Jun 2016 17:42:39 +0200
From:	Arnd Bergmann <arnd@...db.de>
To:	Joseph Myers <joseph@...esourcery.com>
Cc:	Yury Norov <ynorov@...iumnetworks.com>, libc-alpha@...rceware.org,
	linux-kernel@...r.kernel.org, catalin.marinas@....com,
	marcus.shawcroft@....com, philb@....org, davem@...emloft.net,
	szabolcs.nagy@....com, maxim.kuvyrkov@...aro.org, pinskia@...il.com
Subject: Re: [PATCH 23/27] [AARCH64] delouse input arguments in system functions

On Tuesday, June 21, 2016 10:36:53 AM CEST Joseph Myers wrote:
> On Tue, 21 Jun 2016, Yury Norov wrote:
> 
> > Signed-off-by: Yury Norov <ynorov@...iumnetworks.com>
> 
> You're missing a patch description.  What does "delouse" even mean?  What 
> is the ABI peculiarity that means there are ABI-conforming arguments to 
> these functions that need such a manipulation?
> 

This is the term the kernel uses for making sure that no system call
from user space passes data in the upper bits of the argument registers,
which could end up being used in an exploit when the calling conventions
between functions assume that the upper bits contain zeroes.

I don't think there is any point in doing this in glibc though: we
can safely assume that any application calling into glibc follows
the documented calling conventions (it would otherwise be a bug),
but the kernel still has to zero those registers because malicious
user space code would simply execute the system call instruction
directly instead of calling into glibc...

	Arnd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ