| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180110043751.GK6718@tassilo.jf.intel.com>
Date: Tue, 9 Jan 2018 20:37:51 -0800
From: Andi Kleen <ak@...ux.intel.com>
To: Andy Lutomirski <luto@...capital.net>
Cc: Andi Kleen <andi@...stfloor.org>, tglx@...utronix.de,
x86@...nel.org, linux-kernel@...r.kernel.org,
torvalds@...ux-foundation.org, dwmw@...zon.co.uk, pjt@...gle.com,
luto@...nel.org, peterz@...radead.org, thomas.lendacky@....com,
tim.c.chen@...ux.intel.com, gregkh@...ux-foundation.org,
dave.hansen@...el.com, jikos@...nel.org
Subject: Re: [PATCH v1 6/8] x86/entry/clearregs: Add number of arguments to
syscall tables
On Tue, Jan 09, 2018 at 05:26:43PM -0800, Andy Lutomirski wrote:
>
>
> > On Jan 9, 2018, at 5:03 PM, Andi Kleen <andi@...stfloor.org> wrote:
> >
> > From: Andi Kleen <ak@...ux.intel.com>
> >
> > In order to sanitize the system call arguments properly
> > we need to know the number of syscall arguments for each
> > syscall. Add a new column to the 32bit and 64bit syscall
> > tables to list the number of arguments.
> >
>
> Surely we can do this in the SYSCALL_DEFINE macros. Or at least statically check it.
Possibly. The assembler would be much uglier as inline assembler though.
And adding the number shouldn't be a big burden when adding a system call.
I don't know how to check statically.
>
> Also, what attack are we protecting against anyway?
There's no specific attack here.
But the idea is to make it harder to inject values into the kernel to abuse
with speculation.
-Andi
Powered by blists - more mailing lists