lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 16 Nov 2016 17:37:00 +0000
From:   alexander.levin@...izon.com
To:     "dvyukov@...gle.com" <dvyukov@...gle.com>
Cc:     "tglx@...utronix.de" <tglx@...utronix.de>,
        "scientist@...com" <scientist@...com>,
        "glider@...gle.com" <glider@...gle.com>,
        "andreyknvl@...gle.com" <andreyknvl@...gle.com>,
        "rostedt@...dmis.org" <rostedt@...dmis.org>,
        "arnd@...db.de" <arnd@...db.de>,
        "mathieu.desnoyers@...icios.com" <mathieu.desnoyers@...icios.com>,
        "daniel.vetter@...ll.ch" <daniel.vetter@...ll.ch>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        alexander.levin@...izon.com
Subject: [RFC 0/3] ABI spec - verification

As discussed at plumbers, having a standard spec for the kernel's ABI has
quite a few uses and enough people wanted it to get the ball rolling.

We agreed that it's desirable to have something that can be used from code
rather than just a spec on paper both for validation and allowing other users
(like fuzzers, userspace libraries, and various userspace tools) to build
on that.

What we ended up deciding on at plumbers is:

 - I'll do a few kernel bits do demonstrate how we can validate the spec from
the kernel.
 - Dmitry Vyukov will provide a way to translate syzkaller's syscall
documentation into something that can be easily used in the kernel and
userspace.
 - Various projects will attempt to integrate it to make sure that the
framework works for them.

Once those bits are done we can focus on getting the spec right, and we'll
have a good way to validate our work both in userspace and in the kernel.

This patchset is a basic draft of said kernel bits. I mostly want to make
sure that Dmitry and myself are on the same page as to how integration will
look like, but also to open it to criticism and suggestions (bikeshedding).


Sasha Levin (3):
  abi_spec: basic definitions of constraints, args and syscalls
  abi_spec: hooks into syscall to allow pre and post checking
  abi_spec: example spec for open(), placeholder for rest of syscalls

 include/linux/syscalls.h      |   7 +-
 include/uapi/linux/abi_spec.h |  58 ++++++
 kernel/Makefile               |   2 +
 kernel/abi_spec.c             | 456 ++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 522 insertions(+), 1 deletion(-)
 create mode 100644 include/uapi/linux/abi_spec.h
 create mode 100644 kernel/abi_spec.c

-- 
2.7.4

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ