lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Mar 2017 14:30:02 -0700 From: Linus Torvalds <torvalds@...ux-foundation.org> To: Kees Cook <keescook@...omium.org> Cc: "H. Peter Anvin" <hpa@...or.com>, LKML <linux-kernel@...r.kernel.org>, Rik van Riel <riel@...hat.com>, Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "x86@...nel.org" <x86@...nel.org>, Paolo Bonzini <pbonzini@...hat.com>, Radim Krčmář <rkrcmar@...hat.com>, Peter Zijlstra <peterz@...radead.org>, Dave Hansen <dave.hansen@...ux.intel.com>, Yu-cheng Yu <yu-cheng.yu@...el.com>, Masahiro Yamada <yamada.masahiro@...ionext.com>, Borislav Petkov <bp@...e.de>, Christian Borntraeger <borntraeger@...ibm.com>, Thomas Garnier <thgarnie@...gle.com>, Brian Gerst <brgerst@...il.com>, He Chen <he.chen@...ux.intel.com>, Mathias Krause <minipli@...glemail.com>, Fenghua Yu <fenghua.yu@...el.com>, Piotr Luc <piotr.luc@...el.com>, Kyle Huey <me@...ehuey.com>, Len Brown <len.brown@...el.com>, KVM <kvm@...r.kernel.org>, "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com> Subject: Re: [PATCH] x86/fpu: move FPU state into separate cache On Wed, Mar 29, 2017 at 2:09 PM, Kees Cook <keescook@...omium.org> wrote: > > They're adjacent already, which poses a problem for the struct layout > randomization plugin, since adjacency may no longer be true (after > layout randomization). T What? The layout randomization can't change anything, if you just make the adjacency be done explicitly instead of by having the thing be a fixed member. The trivial model might be to just declare the fpu part as an unsized array at the end: /* Floating point and extended processor state */ struct fpu fpu[]; because there is no way in hell that any randomization code can move those kinds of unsized arrays around. If it does, the gcc plugin is such unbelievable garbage that it would be insane to depend on such shit in the first place. Linus
Powered by blists - more mailing lists