| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Feb 2019 08:18:21 -0800
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Peter Zijlstra <peterz@...radead.org>
Cc: Thomas Gleixner <tglx@...utronix.de>, Peter Anvin <hpa@...or.com>,
Julien Thierry <julien.thierry@....com>,
Will Deacon <will.deacon@....com>,
Andy Lutomirski <luto@...capital.net>,
Ingo Molnar <mingo@...nel.org>,
Catalin Marinas <catalin.marinas@....com>,
James Morse <james.morse@....com>, valentin.schneider@....com,
Brian Gerst <brgerst@...il.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Andrew Lutomirski <luto@...nel.org>,
Borislav Petkov <bp@...en8.de>,
Denys Vlasenko <dvlasenk@...hat.com>,
Linux List Kernel Mailing <linux-kernel@...r.kernel.org>,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: [PATCH 5/6] objtool: Add UACCESS validation
On Wed, Feb 27, 2019 at 6:08 AM Peter Zijlstra <peterz@...radead.org> wrote:
>
> So KASAN is wildly unhappy..
Yeah, well, with KASAN you definitely end up doing lots and lots for
calls for just regular memory accesses.
Which we obviously need to do for most uaccess cases.
I think you should just say "ok, kasan reporting will possibly run with AC on".
Again, having AC on isn't fatal. It just makes the window where you
can incorrectly access user space through a wild pointer bigger.
So the whole "run with AC on" thing isn't a big deal, apart from the
scheduling case.
And we know how to fix the scheduling case by just doing the
save/restore thing..
Linus
Powered by blists - more mailing lists