lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <87lglpp4et.fsf@linux.vnet.ibm.com>
Date:   Fri, 08 Sep 2017 12:59:38 -0300
From:   Thiago Jung Bauermann <bauerman@...ux.vnet.ibm.com>
To:     AKASHI Takahiro <takahiro.akashi@...aro.org>
Cc:     Mark Rutland <mark.rutland@....com>, catalin.marinas@....com,
        will.deacon@....com, dhowells@...hat.com, vgoyal@...hat.com,
        herbert@...dor.apana.org.au, davem@...emloft.net,
        akpm@...ux-foundation.org, mpe@...erman.id.au, dyoung@...hat.com,
        bhe@...hat.com, arnd@...db.de, ard.biesheuvel@...aro.org,
        kexec@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org
Subject: Re: [PATCH 09/14] arm64: kexec_file: add sha256 digest check in purgatory


AKASHI Takahiro <takahiro.akashi@...aro.org> writes:
> On Fri, Aug 25, 2017 at 11:41:33AM +0100, Mark Rutland wrote:
>> On Fri, Aug 25, 2017 at 10:21:06AM +0900, AKASHI Takahiro wrote:
>> > On Thu, Aug 24, 2017 at 06:04:40PM +0100, Mark Rutland wrote:
>> > > On Thu, Aug 24, 2017 at 05:18:06PM +0900, AKASHI Takahiro wrote:
>> > > > +void *memcpy(void *dst, const void *src, size_t len)
>> > > > +{
>> > > > +	int i;
>> > > > +
>> > > > +	for (i = 0; i < len; i++)
>> > > > +		((u8 *)dst)[i] = ((u8 *)src)[i];
>> > > > +
>> > > > +	return NULL;
>> > > > +}
>> > > > +
>> > > > +void *memset(void *dst, int c, size_t len)
>> > > > +{
>> > > > +	int i;
>> > > > +
>> > > > +	for (i = 0; i < len; i++)
>> > > > +		((u8 *)dst)[i] = (u8)c;
>> > > > +
>> > > > +	return NULL;
>> > > > +}
>> > > > +
>> > > > +int memcmp(const void *src, const void *dst, size_t len)
>> > > > +{
>> > > > +	int i;
>> > > > +
>> > > > +	for (i = 0; i < len; i++)
>> > > > +		if (*(char *)src != *(char *)dst)
>> > > > +			return 1;
>> > > > +
>> > > > +	return 0;
>> > > > +}
>> > > 
>> > > How is the compiler prevented from "optimising" these into calls to
>> > > themselves?
>> > 
>> > I don't get what you mean by "calls to themselves."
>> 
>> There are compiler optimizations that recognise sequences like:
>> 
>> 	for (i = 0; i < len; i++)
>> 		dst[i] = src[i];
>> 
>> ... and turn those into:
>> 
>> 	memcpy(dst, src, len);
>> 
>> ... these have been known to "optimize" memcpy implementations into
>> calls to themselves. Likewise for other string operations.
>> 
>> One way we avoid that today is by writing our memcpy in assembly.
>
> I see, thanks.
>
>> Do we have a guarnatee that this will not happen here? e.g. do we pass
>> some compiler flag that prevents this?
>
> I don't know any options to do this.
> (maybe -nostdlib?)

kexec-tools calls gcc with -fno-builtin -ffreestanding (though according
to the man page, the former is implied in the latter), which tells the
compiler that the standard library may not exist. I don't know
specifically that this options turns off the memcpy optimization, but it
seems logical that it does.

-- 
Thiago Jung Bauermann
IBM Linux Technology Center

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ