| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190408124940.hb4d2mvwue7aydjj@treble>
Date: Mon, 8 Apr 2019 07:49:40 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Elena Reshetova <elena.reshetova@...el.com>
Cc: luto@...nel.org, linux-kernel@...r.kernel.org, luto@...capital.net,
keescook@...omium.org, jannh@...gle.com, enrico.perla@...el.com,
mingo@...hat.com, bp@...en8.de, tglx@...utronix.de,
peterz@...radead.org, gregkh@...uxfoundation.org
Subject: Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall
On Mon, Apr 08, 2019 at 09:13:58AM +0300, Elena Reshetova wrote:
> diff --git a/arch/x86/entry/common.c b/arch/x86/entry/common.c
> index 7bc105f47d21..38ddc213a5e9 100644
> --- a/arch/x86/entry/common.c
> +++ b/arch/x86/entry/common.c
> @@ -35,6 +35,12 @@
> #define CREATE_TRACE_POINTS
> #include <trace/events/syscalls.h>
>
> +#ifdef CONFIG_RANDOMIZE_KSTACK_OFFSET
> +#include <linux/random.h>
> +
> +void *alloca(size_t size);
> +#endif
> +
> #ifdef CONFIG_CONTEXT_TRACKING
> /* Called on entry from user mode with IRQs off. */
> __visible inline void enter_from_user_mode(void)
> @@ -273,6 +279,13 @@ __visible void do_syscall_64(unsigned long nr, struct pt_regs *regs)
> {
> struct thread_info *ti;
>
> +#ifdef CONFIG_RANDOMIZE_KSTACK_OFFSET
> + size_t offset = ((size_t)prandom_u32()) % 256;
> + char *ptr = alloca(offset);
> +
> + asm volatile("":"=m"(*ptr));
> +#endif
> +
> enter_from_user_mode();
> local_irq_enable();
> ti = current_thread_info();
Would it make sense to also do this for the compat syscalls
(do_fast_syscall_32, do_int80_syscall_32)?
--
Josh
Powered by blists - more mailing lists