lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211016211643.h5ylg3hlhnzbee2u@treble> Date: Sat, 16 Oct 2021 14:16:43 -0700 From: Josh Poimboeuf <jpoimboe@...hat.com> To: Thomas Gleixner <tglx@...utronix.de> Cc: Sami Tolvanen <samitolvanen@...gle.com>, Andy Lutomirski <luto@...nel.org>, the arch/x86 maintainers <x86@...nel.org>, Kees Cook <keescook@...omium.org>, "Peter Zijlstra (Intel)" <peterz@...radead.org>, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Sedat Dilek <sedat.dilek@...il.com>, Steven Rostedt <rostedt@...dmis.org>, linux-hardening@...r.kernel.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, llvm@...ts.linux.dev Subject: Re: [PATCH v5 03/15] linkage: Add DECLARE_NOT_CALLED_FROM_C On Sat, Oct 16, 2021 at 12:17:40AM +0200, Thomas Gleixner wrote: > For actually callable functions, by some definition of callable, > e.g. the clear_page_*() variants a proper attribute would be definitely > preferred. See my last email, clear_page_*() has nothing to do with CFI in the first place. > That attribute should tell the compiler that the function is using the > register arguments correctly but is not suitable for direct invocation > because it clobbers registers. > > So the compiler can just refuse to call such a function if used directly > without an inline asm wrapper which describes the clobbers, right? > > But thinking more about clobbers. The only "annotation" of clobbers we > have today are the clobbers in the inline asm, which is fragile too. > > Something like > > __attribute__ ((clobbers ("rcx", "rax"))) > > might be useful by itself because it allows validation of the clobbers > in the inline asm wrappers and also allows a analysis tool to look at > the ASM code and check whether the above list is correct. > > Hmm? Functions are allowed to clobber rcx and rax anyway. The clear_page_*() functions follow the C ABI, like (almost) every other asm function in the kernel. I think there's a misunderstanding here, as most of this doesn't have anything to do with CFI anyway. -- Josh
Powered by blists - more mailing lists