Message-ID: <20170207160300.GB26173@leverpostej>
Date:   Tue, 7 Feb 2017 16:03:01 +0000
From:   Mark Rutland <mark.rutland@....com>
To:     Peter Zijlstra <peterz@...radead.org>
Cc:     Kees Cook <keescook@...omium.org>,
        "Reshetova, Elena" <elena.reshetova@...el.com>,
        Greg KH <gregkh@...uxfoundation.org>,
        Arnd Bergmann <arnd@...db.de>,
        Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...nel.org>,
        "H. Peter Anvin" <h.peter.anvin@...el.com>,
        Will Deacon <will.deacon@....com>,
        David Windsor <dwindsor@...il.com>,
        Hans Liljestrand <ishkamiel@...il.com>,
        David Howells <dhowells@...hat.com>,
        LKML <linux-kernel@...r.kernel.org>,
        "kernel-hardening@...ts.openwall.com" 
        <kernel-hardening@...ts.openwall.com>
Subject: Re: [kernel-hardening] Re: [PATCH 4/4] refcount: Report failures
 through CHECK_DATA_CORRUPTION

On Tue, Feb 07, 2017 at 04:07:37PM +0100, Peter Zijlstra wrote:
> On Tue, Feb 07, 2017 at 01:50:20PM +0000, Mark Rutland wrote:
> > > Right something along those lines. (a) will need GCC help, and (b) would
> > > be kernel-arch specific. So this isn't something we can quickly do.
> > 
> > I agree this isn't something that can be hacked together quickly, and
> > certainly shouldn't block these patches.
> > 
> > However, I don't think we need anything new from GCC, and I think we
> > already have a generic API for (b).
> > 
> > For (a) we don't need new GCC help if we do something like we did in
> > commit 72c5839515260dce to do the mangling. Prepend a prefix to the
> > register, e.g. changing 'x0' to '__pt_regs_offset_x0', which we arrange
> > to hold the correct value.
> 
> I'm not sure I can decipher that commit and therefore have no idea if
> something similar can be done for other architectures.

For x86 it's a little painful due to '%' in the register names, but it looks
possible. The below appears to do the mangling correctly (then screams due to
the mangled result being nonexistent).

Thanks,
Mark.

---->8----
#define cmpxchg(ptr, old, new)						\
({									\
	typeof(*ptr) __ret;						\
	typeof(*ptr) __old = (old);					\
	typeof(*ptr) __new = (new);					\
									\
	volatile unsigned int *__ptr = (volatile unsigned int *)ptr;	\
	asm volatile("cmpxchgl %2, %1"					\
		     : "=a" (__ret), "+m" (*__ptr)			\
		     : "r" (__new), "0" (__old)				\
		     : "memory");					\
	__ret;								\
})

asm(
"	.macro	reg_to_offset	r\n"
"	.irp rs,eax,ebx,ecx,edx\n"
"	.ifc \\r, %\\rs\n"
"	__offset_of_\\rs\n"
"	.endif\n"
"	.endr\n"
"	.endm\n"
);

#define asm_sym(var)		asm volatile("reg_to_offset %0\n" : : "r" (var))

int foo(void)
{
	unsigned int mem = 0;
	unsigned int new;
	int bar = 7, baz = 11;

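	new = cmpxchg(&mem, 1, 2);
	/* Expands to "reg_to_offset %<reg>"; for eax/ebx/ecx/edx the macro emits __offset_of_<reg>. */
	asm_sym(new);

	return 0;
}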
