lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <fefdacd0-787b-d03e-2ead-ac10641b4eb2@linux.alibaba.com>
Date:   Tue, 12 Oct 2021 03:07:31 +0800
From:   Dan Li <ashimida@...ux.alibaba.com>
To:     Nick Desaulniers <ndesaulniers@...gle.com>
Cc:     Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Thomas Gleixner <tglx@...utronix.de>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Sami Tolvanen <samitolvanen@...gle.com>, frederic@...nel.org,
        Mike Rapoport <rppt@...nel.org>,
        Mark Rutland <mark.rutland@....com>, yifeifz2@...inois.edu,
        Steven Rostedt <rostedt@...dmis.org>,
        Viresh Kumar <viresh.kumar@...aro.org>, andreyknvl@...il.com,
        Colin King <colin.king@...onical.com>,
        Miguel Ojeda <ojeda@...nel.org>,
        Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
        Marco Elver <elver@...gle.com>,
        Arvind Sankar <nivedita@...m.mit.edu>,
        Ard Biesheuvel <ardb@...nel.org>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>,
        linux-hardening@...r.kernel.org,
        clang-built-linux <clang-built-linux@...glegroups.com>
Subject: Re: [PATCH] [PATCH V2]ARM64: SCS: Add gcc plugin to support Shadow
 Call Stack



On 10/12/21 1:23 AM, Nick Desaulniers wrote:
> On Mon, Oct 11, 2021 at 8:42 AM Dan Li <ashimida@...ux.alibaba.com> wrote:
>>
>>
>>
>> On 10/10/21 11:43 PM, Miguel Ojeda wrote:
>>> On Sun, Oct 10, 2021 at 5:16 PM Dan Li <ashimida@...ux.alibaba.com> wrote:
>>>>
>>>> -         This option enables Clang's Shadow Call Stack, which uses a
>>>> -         shadow stack to protect function return addresses from being
>>>> -         overwritten by an attacker. More information can be found in
>>>> -         Clang's documentation:
>>>> +         This option enables Clang/GCC plugin's Shadow Call Stack, which
>>>> +         uses a shadow stack to protect function return addresses from
>>>> +         being overwritten by an attacker. More information can be found
>>>> +         in Clang's documentation:
>>>
>>> Perhaps it could be worded in a better way? It sounds like it is a
>>> custom plugin for Clang as well, e.g.:
>>>
>>>       This option enables Shadow Call Stack (in the case of GCC, as a plugin),
>>>
>>> Cheers,
>>> Miguel
>>>
>>
>> Thanks Miguel.
>>
>> How about writing like this:
>> This option enables Shadow Call Stack (supported as a compiler option in
>> the case of clang, supported as a plugin in the case of gcc), which uses
>> a shadow stack to ...
> 
> That sounds reasonable.
> 
> One question I have Dan, what is your sense for getting this feature
> landed upstream in GCC proper?  It's neat to be able to use plugins to
> support older versions of a compiler than when the feature initially
> lands; I was curious if you're working to submit this into GCC as
> well?  I didn't see anything in GCC's bug tracker for "shadow call
> stack," but maybe there's a different feature bug tracking this?
>

Thanks Nick.

The original intention of this plugin is to provide the customer's (bsp)
kernel with the ability to enable SCS protection under gcc. It's not
always feasible to recompile gcc or convince customers to switch to a
higher version, so I implemented this feature through a plugin. For bsp,
this method could reduce its use cost.

Because my main area of concern is kernel security, I first submitted
this plugin to the community.

I think [PATCH V2] can also be submitted to the gcc mainline. This is
my next plan, and I still need some time to reorganize it into the gcc
source code.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ