lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180214224525.esxiqt7yjjjpzyz4@treble>
Date:   Wed, 14 Feb 2018 16:45:25 -0600
From:   Josh Poimboeuf <jpoimboe@...hat.com>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        stable <stable@...r.kernel.org>,
        Peter Zijlstra <peterz@...radead.org>
Subject: Re: objtool warnings on 4.14-stable/gcc-7.3.0

On Wed, Feb 14, 2018 at 04:24:12PM -0600, Josh Poimboeuf wrote:
> On Wed, Feb 14, 2018 at 04:11:15PM +0100, Arnd Bergmann wrote:
> > Hi Josh,
> > 
> > I recently did some randconfig testing with a plain 4.14-stable kernel
> > and gcc-7.3.0, and came across three distinct objtool warnings:
> > 
> > drivers/misc/lkdtm_bugs.o: warning: objtool:
> > lkdtm_CORRUPT_LIST_ADD()+0x15: return with modified stack frame

While this is probably an objtool bug, the code is very odd:

00000000000001a8 <lkdtm_CORRUPT_LIST_ADD>:
 1a8:   e8 00 00 00 00          callq  1ad <lkdtm_CORRUPT_LIST_ADD+0x5>
                        1a9: R_X86_64_PC32      __fentry__-0x4
 1ad:   55                      push   %rbp
 1ae:   48 89 e5                mov    %rsp,%rbp
 1b1:   48 83 e4 f0             and    $0xfffffffffffffff0,%rsp
 1b5:   48 83 ec 20             sub    $0x20,%rsp
 1b9:   48 89 ec                mov    %rbp,%rsp
 1bc:   5d                      pop    %rbp
 1bd:   c3                      retq

The function just allocates/aligns its stack space and then returns.  It
seems like GCC was too smart for its own good here, as the function
doesn't test what it's supposed to.  Can you share the config for this
one?

> > crypto/asymmetric_keys/x509_cert_parser.o: warning: objtool:
> > x509_note_pkey_algo()+0xa4: sibling call from callable instruction
> > with modified stack frame

>From a quick glance, this looks like yet another switch statement
detection issue.  I'll need to dig into it more (unless PeterZ, my shiny
new co-maintainer, wants to take a look!)

-- 
Josh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ