| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Feb 2022 23:40:16 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "Lutomirski, Andy" <luto@...nel.org>,
"Hansen, Dave" <dave.hansen@...el.com>
CC: "bsingharora@...il.com" <bsingharora@...il.com>,
"hpa@...or.com" <hpa@...or.com>,
"Syromiatnikov, Eugene" <esyr@...hat.com>,
"peterz@...radead.org" <peterz@...radead.org>,
"rdunlap@...radead.org" <rdunlap@...radead.org>,
"keescook@...omium.org" <keescook@...omium.org>,
"Yu, Yu-cheng" <yu-cheng.yu@...el.com>,
"dave.hansen@...ux.intel.com" <dave.hansen@...ux.intel.com>,
"kirill.shutemov@...ux.intel.com" <kirill.shutemov@...ux.intel.com>,
"Eranian, Stephane" <eranian@...gle.com>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"fweimer@...hat.com" <fweimer@...hat.com>,
"nadav.amit@...il.com" <nadav.amit@...il.com>,
"jannh@...gle.com" <jannh@...gle.com>,
"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
"kcc@...gle.com" <kcc@...gle.com>, "bp@...en8.de" <bp@...en8.de>,
"oleg@...hat.com" <oleg@...hat.com>,
"hjl.tools@...il.com" <hjl.tools@...il.com>,
"Yang, Weijiang" <weijiang.yang@...el.com>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"pavel@....cz" <pavel@....cz>, "arnd@...db.de" <arnd@...db.de>,
"Moreira, Joao" <joao.moreira@...el.com>,
"tglx@...utronix.de" <tglx@...utronix.de>,
"mike.kravetz@...cle.com" <mike.kravetz@...cle.com>,
"x86@...nel.org" <x86@...nel.org>,
"dave.martin@....com" <dave.martin@....com>,
"john.allen@....com" <john.allen@....com>,
"mingo@...hat.com" <mingo@...hat.com>,
"Shankar, Ravi V" <ravi.v.shankar@...el.com>,
"corbet@....net" <corbet@....net>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-api@...r.kernel.org" <linux-api@...r.kernel.org>,
"gorcunov@...il.com" <gorcunov@...il.com>
Subject: Re: [PATCH 18/35] mm: Add guard pages around a shadow stack.
On Thu, 2022-02-10 at 15:07 -0800, Andy Lutomirski wrote:
> On Thu, Feb 10, 2022 at 2:44 PM Dave Hansen <dave.hansen@...el.com>
> wrote:
> >
> > On 1/30/22 13:18, Rick Edgecombe wrote:
> > > INCSSP(Q/D) increments shadow stack pointer and 'pops and
> > > discards' the
> > > first and the last elements in the range, effectively touches
> > > those memory
> > > areas.
> > >
> > > The maximum moving distance by INCSSPQ is 255 * 8 = 2040 bytes
> > > and
> > > 255 * 4 = 1020 bytes by INCSSPD. Both ranges are far from
> > > PAGE_SIZE.
> > > Thus, putting a gap page on both ends of a shadow stack prevents
> > > INCSSP,
> > > CALL, and RET from going beyond.
> >
> > What is the downside of not applying this patch? The shadow stack
> > gap
> > is 1MB instead of 4k?
> >
> > That, frankly, doesn't seem too bad. How badly do we *need* this
> > patch?
Like just using VM_SHADOW_STACK | VM_GROWSDOWN to get a regular stack
sized gap? I think it could work. It also simplifies the mm->stack_vm
accounting.
It would no longer get a gap at the end though. I don't think it's
needed.
>
> 1MB of oer-thread guard address space in a 32-bit program may be a
> show stopper. Do we intend to support any of this for 32-bit?
It is supported in the 32 bit compatibility mode, although IBT had
dropped it. I guess this was probably the reason.
Powered by blists - more mailing lists