| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 27 Nov 2017 22:29:43 -0600
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Ingo Molnar <mingo@...nel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Dave Hansen <dave.hansen@...ux.intel.com>,
Andy Lutomirski <luto@...capital.net>,
Thomas Gleixner <tglx@...utronix.de>,
"H . Peter Anvin" <hpa@...or.com>,
Peter Zijlstra <peterz@...radead.org>,
Borislav Petkov <bp@...en8.de>
Subject: Re: [PATCH 11/21] x86/dumpstack: Handle stack overflow on all stacks
On Mon, Nov 27, 2017 at 11:26:30AM -0800, Linus Torvalds wrote:
> On Mon, Nov 27, 2017 at 2:45 AM, Ingo Molnar <mingo@...nel.org> wrote:
> > From: Andy Lutomirski <luto@...nel.org>
> >
> > We currently special-case stack overflow on the task stack. We're
> > going to start putting special stacks in the fixmap with a custom
> > layout, so they'll have guard pages, too. Teach the unwinder to be
> > able to unwind an overflow of any of the stacks.
>
> Why isn't this together with 01/21? The two cases seem to be entirely
> identical and fundamentally the same issue.
Yeah, they probably do belong in the same patch.
> In fact, maybe the whole "stack overflow" special cases should be in
> "get_stack_info()" itself, rather than be special-cased in the
> callers?
I would be nervous about doing that. Several of the get_stack_info()
callers rely on it being honest.
In fact, looking deeper at the above patch, it doesn't seem convincingly
safe to me. What if the adjacent page doesn't exist? Then when the
oops dumping code dereferences the 'stack' variable, you get an oops in
your oops.
--
Josh
Powered by blists - more mailing lists