| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20170712212744.23660-1-mka@chromium.org>
Date: Wed, 12 Jul 2017 14:27:44 -0700
From: Matthias Kaehlcke <mka@...omium.org>
To: Chris J Arges <chris.j.arges@...onical.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Borislav Petkov <bp@...e.de>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H . Peter Anvin" <hpa@...or.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Douglas Anderson <dianders@...omium.org>,
Michael Davidson <md@...gle.com>,
Greg Hackmann <ghackmann@...gle.com>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Stephen Hines <srhines@...gle.com>,
Kees Cook <keescook@...omium.org>,
Arnd Bergmann <arnd@...db.de>,
Bernhard.Rosenkranzer@...aro.org,
Matthias Kaehlcke <mka@...omium.org>
Subject: [PATCH] Revert "x86/uaccess: Add stack frame output operand in get_user() inline asm"
Commit f05058c4d652 supposedly "forces a stack frame to be created before
the inline asm code if CONFIG_FRAME_POINTER is enabled by listing the
stack pointer as an output operand for the get_user() inline assembly
statement.". This doesn't work as intended, at least with gcc v4.9.2 and
x86-64 the generated code is exactly the same with and without the patch.
However clang adds an extra instruction that adjusts %rsp, which ends up
causing double faults all over the place.
Signed-off-by: Matthias Kaehlcke <mka@...omium.org>
---
arch/x86/include/asm/uaccess.h | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/arch/x86/include/asm/uaccess.h b/arch/x86/include/asm/uaccess.h
index 476ea27f490b..9ec2beab73df 100644
--- a/arch/x86/include/asm/uaccess.h
+++ b/arch/x86/include/asm/uaccess.h
@@ -161,11 +161,10 @@ __typeof__(__builtin_choose_expr(sizeof(x) > sizeof(0UL), 0ULL, 0UL))
({ \
int __ret_gu; \
register __inttype(*(ptr)) __val_gu asm("%"_ASM_DX); \
- register void *__sp asm(_ASM_SP); \
__chk_user_ptr(ptr); \
might_fault(); \
- asm volatile("call __get_user_%P4" \
- : "=a" (__ret_gu), "=r" (__val_gu), "+r" (__sp) \
+ asm volatile("call __get_user_%P3" \
+ : "=a" (__ret_gu), "=r" (__val_gu) \
: "0" (ptr), "i" (sizeof(*(ptr)))); \
(x) = (__force __typeof__(*(ptr))) __val_gu; \
__builtin_expect(__ret_gu, 0); \
--
2.13.2.932.g7449e964c-goog
Powered by blists - more mailing lists