| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZDaAr0Tg5DPJM9BY@osiris>
Date: Wed, 12 Apr 2023 11:58:07 +0200
From: Heiko Carstens <hca@...ux.ibm.com>
To: Mark Rutland <mark.rutland@....com>
Cc: Kees Cook <keescook@...omium.org>,
Alexander Popov <alex.popov@...ux.com>,
Vasily Gorbik <gor@...ux.ibm.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] stackleak: allow to specify arch specific stackleak
poison function
On Wed, Apr 12, 2023 at 10:03:46AM +0100, Mark Rutland wrote:
> On Wed, Apr 05, 2023 at 03:08:40PM +0200, Heiko Carstens wrote:
> > Factor out the code that fills the stack with the stackleak poison value
> > in order to allow architectures to provide a faster implementation.
> >
> > Acked-by: Vasily Gorbik <gor@...ux.ibm.com>
> > Signed-off-by: Heiko Carstens <hca@...ux.ibm.com>
>
> As on patch 2, it might be nicer to have a noinstr-safe memset64() and use that
> directly, but I don't have strong feelings either way, and I'll defer to Kees's
> judgement:
Wouldn't that enforce that memset64() wouldn't be allowed to have an own
stackframe, since otherwise it would write poison values to it, since we
have
if (on_task_stack)
erase_high = current_stack_pointer;
in __stackleak_erase()?
That was actually my motiviation to make this s390 optimization an always
inline asm.
Besides that this wouldn't be a problem for at least s390, since memset64()
is an asm function which comes whithout the need for a stackframe, but on
the other hand this would add a quite subtle requirement to memset64(), if
I'm not mistaken.
Powered by blists - more mailing lists