lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y6B9l/aDnsek8Zyl@hirez.programming.kicks-ass.net>
Date:   Mon, 19 Dec 2022 16:04:55 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Dan Li <ashimida.1990@...il.com>
Cc:     Masahiro Yamada <masahiroy@...nel.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will@...nel.org>,
        Sami Tolvanen <samitolvanen@...gle.com>,
        Kees Cook <keescook@...omium.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Tom Rix <trix@...hat.com>,
        "Paul E. McKenney" <paulmck@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Josh Poimboeuf <jpoimboe@...nel.org>,
        Frederic Weisbecker <frederic@...nel.org>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Marco Elver <elver@...gle.com>,
        Christophe Leroy <christophe.leroy@...roup.eu>,
        Song Liu <song@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Uros Bizjak <ubizjak@...il.com>,
        Kumar Kartikeya Dwivedi <memxor@...il.com>,
        Juergen Gross <jgross@...e.com>,
        Luis Chamberlain <mcgrof@...nel.org>,
        Borislav Petkov <bp@...e.de>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Dmitry Torokhov <dmitry.torokhov@...il.com>,
        Aaron Tomlin <atomlin@...hat.com>,
        Kalesh Singh <kaleshsingh@...gle.com>,
        Yuntao Wang <ytcoode@...il.com>,
        Changbin Du <changbin.du@...el.com>,
        linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-arm-kernel@...ts.infradead.org, llvm@...ts.linux.dev
Subject: Re: [RFC/RFT] CFI: Add support for gcc CFI in aarch64

On Mon, Dec 19, 2022 at 05:32:04AM -0800, Dan Li wrote:
> Hi Peter,
> 
> On 12/19, Peter Zijlstra wrote:
> > On Sun, Dec 18, 2022 at 10:17:58PM -0800, Dan Li wrote:
> > 
> > > 1. When a typeid mismatch is detected, the cfi_check_failed function
> > >    will be called instead of the brk instruction. This function needs
> > >    to be implemented by the compiler user.
> > >    If there are user mode programs or other systems that want to use
> > >    this feature, it may be more convenient to use a callback (so this
> > >    compilation option is set to -fsanitize=cfi instead of kcfi).
> > 
> > This is not going to be acceptible for x86_64.
> 
> I'm not familiar enough with the x86_64 platform, could you please
> tell me why this is not acceptable? Is there a similar situation
> on the arm64 platform?

Mostly because the call would be a 5 byte instruction while the trap
(UD2) is only 2 bytes.

I suspect Argh64 has a similar problem if the to be called function is
outside the immediate range (26 bits or thereabout), in which case you
end up with a multi-instruction sequence to construct the call target or
so. A trap is always a single instruction.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ