| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20211202225107.GF16608@worktop.programming.kicks-ass.net>
Date: Thu, 2 Dec 2021 23:51:07 +0100
From: Peter Zijlstra <peterz@...radead.org>
To: David Laight <David.Laight@...LAB.COM>
Cc: 'Brian Gerst' <brgerst@...il.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"x86@...nel.org" <x86@...nel.org>,
Andy Lutomirski <luto@...nel.org>,
Borislav Petkov <bp@...en8.de>,
Thomas Gleixner <tglx@...utronix.de>,
"H . Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH v2 2/6] x86-64: Convert stack protector to normal percpu
variable
On Wed, Dec 01, 2021 at 09:50:57AM +0000, David Laight wrote:
> From: Brian Gerst
> > Sent: 30 November 2021 20:56
> >
> > Older versions of GCC fixed the location of the stack protector canary
> > at %gs:40. This constraint forced the percpu section to be linked at
> > virtual address 0 so that the canary could be the first data object in
> > the percpu section. Supporting the zero-based percpu section requires
> > additional code to handle relocations for RIP-relative references to
> > percpu data, extra complexity to kallsyms, and workarounds for linker
> > bugs due to the use of absolute symbols.
> >
> > Since version 8.1, GCC has options to configure the location of the
> > canary value. This allows the canary to be turned into a normal
> > percpu variable and removes the constraint that the percpu section
> > be zero-based.
>
> I didn't think the minimum gcc version has been raised as far as 8.1?
Older GCC can still build a kernel, just not with stack protector on.
And 8.1 is already 3 years old. If you run ancient distros, you can run
ancient kernels too.
Powered by blists - more mailing lists