| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 18 May 2018 09:15:59 +0200
From: Ingo Molnar <mingo@...nel.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>,
Alexey Dobriyan <adobriyan@...il.com>,
Peter Anvin <h.peter.anvin@...el.com>,
kernel test robot <xiaolong.ye@...el.com>,
Thomas Gleixner <tglx@...utronix.de>,
Andrew Lutomirski <luto@...nel.org>,
Borislav Petkov <bp@...en8.de>,
Brian Gerst <brgerst@...il.com>,
Denys Vlasenko <dvlasenk@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Peter Anvin <hpa@...or.com>, tipbuild@...or.com,
LKP <lkp@...org>
Subject: Re: [lkp-robot] [x86/asm] 51bad67ffb: int3:#[##]
* Linus Torvalds <torvalds@...ux-foundation.org> wrote:
> On Tue, May 15, 2018 at 3:43 PM Josh Poimboeuf <jpoimboe@...hat.com> wrote:
>
> > Glancing through the 32-bit and 64-bit entry code, I didn't see any more
> > cases. At least it will fail loudly if any such cases do still exist.
>
> \Will it? Do we have objtool checks for it now?
>
> Because without static checks, there could be things hiding that just don't
> happen normally (think compat code etc that for most people is just dead
> code).
And it's not just about infrequent uses, it's also about hard to debug crashes
like in suspend/resume code, where people can only report "machine is dead".
So I'm not sure this side effect of turning padding into crashes is good for
overall robustness, without static analysis finding such bugs.
Thanks,
Ingo
Powered by blists - more mailing lists