| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210506134542.GD4642@sirena.org.uk>
Date: Thu, 6 May 2021 14:45:42 +0100
From: Mark Brown <broonie@...nel.org>
To: "Madhavan T. Venkataraman" <madvenka@...ux.microsoft.com>
Cc: jpoimboe@...hat.com, mark.rutland@....com, jthierry@...hat.com,
catalin.marinas@....com, will@...nel.org, jmorris@...ei.org,
pasha.tatashin@...een.com, linux-arm-kernel@...ts.infradead.org,
live-patching@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC PATCH v3 2/4] arm64: Check the return PC against unreliable
code sections
On Wed, May 05, 2021 at 01:48:21PM -0500, Madhavan T. Venkataraman wrote:
> On 5/5/21 11:46 AM, Mark Brown wrote:
> > I think that works even if it's hard to love the goto, might want some
> > defensiveness to ensure we can't somehow end up in an infinite loop with
> > a sufficiently badly formed stack.
> I could do something like this:
> unwind_frame()
> {
> int i;
> ...
>
> for (i = 0; i < MAX_CHECKS; i++) {
> if (!check_frame(tsk, frame))
> break;
> }
I think that could work, yes. Have to see the actual code (and other
people's opinions!).
> If this is acceptable, then the only question is - what should be the value of
> MAX_CHECKS (I will rename it to something more appropriate)?
I'd expect something like 10 to be way more than we'd ever need, or we
could define it down to the 2 checks we expect to be possible ATM to be
conservative. I'm tempted to be permissive if we have sufficient other
checks but I'm not 100% sure on that.
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists