| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 14 Jul 2022 13:06:38 +0100
From: Mark Brown <broonie@...nel.org>
To: Mark Rutland <mark.rutland@....com>
Cc: linux-kernel@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
Kees Cook <keescook@...omium.org>, peterz@...radead.org
Subject: Re: [PATCH] lkdtm: cfi: add test for HW landing pad CFI
On Thu, Jul 14, 2022 at 12:31:54PM +0100, Mark Rutland wrote:
> On Wed, Jul 13, 2022 at 05:13:57PM +0100, Mark Brown wrote:
> > Not sure that worrying about that at this point isn't making perfect the
> > enemy of good though, it could be dealt with later. Perhaps just put
> > the offset behind a #define to make it a tiny bit more discoverable?
> How about I just add a comment for now? e.g.
> /*
> * Skip past a landing pad instruction.
> * On arm64 all instructions are 4-byte aligned, and x86's ENDBR is 4
> * bytes.
> */
I'd rather have something that will definitely either fail or skip the
test so it can't silently pass, if people need to look at the source to
discover this there's more chance they'll mistakenly think things are
working. Something like
#ifdef __aarch64__
#define LANDING_PAD_SKIP 4
#elif defined (__x86_64__)
#define LANDING_PAD_SKIP 4
#endif
then #ifdef LANDING_PAD_SKIP around the test perhaps?
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists