Message-ID: <20200722075455.GQ119549@hirez.programming.kicks-ass.net>
Date: Wed, 22 Jul 2020 09:54:55 +0200
From: peterz@...radead.org
To: Kees Cook <keescook@...omium.org>
Cc: Thomas Gleixner <tglx@...utronix.de>,
LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
linux-arch@...r.kernel.org, Will Deacon <will@...nel.org>,
Arnd Bergmann <arnd@...db.de>,
Mark Rutland <mark.rutland@....com>,
Keno Fischer <keno@...iacomputing.com>,
Paolo Bonzini <pbonzini@...hat.com>, kvm@...r.kernel.org,
Gabriel Krisman Bertazi <krisman@...labora.com>
Subject: Re: [patch V4 02/15] entry: Provide generic syscall entry functionality

On Tue, Jul 21, 2020 at 02:38:16PM -0700, Kees Cook wrote:
> One thing I noticed while doing syscall entry timings for the kernel
> stack base offset randomization was that the stack protector was being
> needlessly enabled in certain paths (seccomp, audit) due to seeing a
> register array being declared on the stack. As part of that series I
> suggested down-grading the stack protector. Since then, Peter's changes
> entirely disabled the stack protector on the entry code, which I
> grudgingly accept (I'd rather have a way to mark a variable as "ignore
> this for stack protector detection", but ... there isn't, so fine.)

I don't think I'd like to have that per variable, but a function
attribute to disable stack protector would be awesome, except our
GCC-besties forgot to create that function attribute :-(

If/when we get such a function attribute, we can add it to noinstr.

Also see this here:

https://lkml.kernel.org/r/20200314164451.346497-1-slyfox@gentoo.org