lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 16 Oct 2020 10:16:26 -0400
From:   Arvind Sankar <nivedita@...m.mit.edu>
To:     Borislav Petkov <bp@...en8.de>
Cc:     Arvind Sankar <nivedita@...m.mit.edu>, x86@...nel.org,
        Joerg Roedel <jroedel@...e.de>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 5/5] x86/head/64: Disable stack protection for
 head$(BITS).o

On Fri, Oct 16, 2020 at 03:15:45PM +0200, Borislav Petkov wrote:
> On Fri, Oct 16, 2020 at 08:43:01AM -0400, Arvind Sankar wrote:
> > You need STACKPROTECTOR_STRONG -- I was testing with defconfig and the
> > option is enabled by default.
> 
> And you need to write those things in the commit messages.
> 
> Please, for the future, always make sure that all required ingredients
> for triggering a bug are documented in the commit message, before
> sending a fix. Jörg and I were both scratching heads on how you're
> reproducing this.
> 
> Thx.
> 

Sorry about that. This config option I didn't notice before since I
hadn't explicitly enabled the option, but I should have been more clear
about how I reproduced. I actually came across this from the other end,
was looking at the disassembly, saw the stack check call, and then spent
a while debugging why it did _not_ just always crash.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ