lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180510101406.GA12217@hirez.programming.kicks-ass.net>
Date:   Thu, 10 May 2018 12:14:06 +0200
From:   Peter Zijlstra <peterz@...radead.org>
To:     Alexey Budankov <alexey.budankov@...ux.intel.com>
Cc:     Ingo Molnar <mingo@...nel.org>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Jiri Olsa <jolsa@...hat.com>,
        Namhyung Kim <namhyung@...nel.org>,
        Andi Kleen <ak@...ux.intel.com>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        linux-perf-users@...r.kernel.org, Andy Lutomirski <luto@...nel.org>
Subject: Re: [PATCH v2]: perf/x86: store user space frame-pointer value on a
 sample

On Thu, May 10, 2018 at 12:42:38PM +0300, Alexey Budankov wrote:
> > The Changelog needs to state that user_regs->bp is in fact valid and
> 
> That actually was tested on binaries compiled without and with BP exposed 
> and in the latter case proved the value of that change.

Mostly works is not the same as 'always initialized', if there are entry
paths that do not store that register, then using the value might leak
values from the kernel stack, which would be bad.

But like said, I think much of the kernel entry code was sanitized with
the PTI effort and I suspect things are in fact fine now, but lets wait
for Andy to confirm.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ