lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 27 Feb 2019 08:18:21 -0800
From:   Linus Torvalds <>
To:     Peter Zijlstra <>
Cc:     Thomas Gleixner <>, Peter Anvin <>,
        Julien Thierry <>,
        Will Deacon <>,
        Andy Lutomirski <>,
        Ingo Molnar <>,
        Catalin Marinas <>,
        James Morse <>,,
        Brian Gerst <>,
        Josh Poimboeuf <>,
        Andrew Lutomirski <>,
        Borislav Petkov <>,
        Denys Vlasenko <>,
        Linux List Kernel Mailing <>,
        Andrey Ryabinin <>,
        Alexander Potapenko <>,
        Dmitry Vyukov <>
Subject: Re: [PATCH 5/6] objtool: Add UACCESS validation

On Wed, Feb 27, 2019 at 6:08 AM Peter Zijlstra <> wrote:
> So KASAN is wildly unhappy..

Yeah, well, with KASAN you definitely end up doing lots and lots for
calls for just regular memory accesses.

Which we obviously need to do for most uaccess cases.

I think you should just say "ok, kasan reporting will possibly run with AC on".

Again, having AC on isn't fatal. It just makes the window where you
can incorrectly access user space through a wild pointer bigger.

So the whole "run with AC on" thing isn't a big deal, apart from the
scheduling case.

And we know how to fix the scheduling case by just doing the
save/restore thing..


Powered by blists - more mailing lists