| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201020162806.6kl6japxkij7dzel@treble>
Date: Tue, 20 Oct 2020 11:28:06 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Mark Brown <broonie@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
Miroslav Benes <mbenes@...e.cz>,
Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
live-patching@...r.kernel.org
Subject: Re: [RFC PATCH 0/3] arm64: Implement reliable stack trace
On Tue, Oct 20, 2020 at 04:39:13PM +0100, Mark Brown wrote:
> On Mon, Oct 19, 2020 at 06:41:55PM -0500, Josh Poimboeuf wrote:
> > On Fri, Oct 16, 2020 at 01:15:34PM +0100, Mark Brown wrote:
>
> > > Ah, I'd have interpreted "defined thread entry point" as meaning
> > > expecting to find specific functions appering at the end of the stack
> > > rather than meaning positively identifying the end of the stack - for
> > > arm64 we use a NULL frame pointer to indicate this in all situations.
> > > In that case that's one bit that is already clear.
>
> > I think a NULL frame pointer isn't going to be robust enough. For
> > example NULL could easily be introduced by a corrupt stack, or by asm
> > frame pointer misuse.
>
> Is it just the particular poison value that you're concerned about here
> or are you looking for additional checks of some other kind?
You just need to know you've conclusively reached the user entry point
on the stack, without missing any functions.
A sufficiently unique poison value might be ok. Though, defining a
certain stack offset as the "end" seems more robust.
--
Josh
Powered by blists - more mailing lists