lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAKC1njTb4=mnvNzvwU-afQvXbr+i-BzJBtp-tO91cEFh2QN6Vw@mail.gmail.com>
Date:   Thu, 20 Jul 2023 11:42:38 -0700
From:   Deepak Gupta <debug@...osinc.com>
To:     Sami Tolvanen <samitolvanen@...gle.com>
Cc:     palmer@...belt.com, linux-kernel@...r.kernel.org,
        linux-riscv@...ts.infradead.org, Guo Ren <guoren@...nel.org>,
        Jisheng Zhang <jszhang@...nel.org>
Subject: Re: [PATCH v2] riscv: VMAP_STACK overflow detection thread-safe

On Thu, Jul 20, 2023 at 11:38 AM Deepak Gupta <debug@...osinc.com> wrote:
>
> On Wed, Jul 19, 2023 at 5:18 PM Sami Tolvanen <samitolvanen@...gle.com> wrote:
>>
>> Hi Deepak,
>>
>> On Thu, Nov 24, 2022 at 01:48:45AM -0800, Deepak Gupta wrote:
>> > commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added
>> > support for CONFIG_VMAP_STACK. If overflow is detected, CPU switches to
>> > `shadow_stack` temporarily before switching finally to per-cpu
>> > `overflow_stack`.
>> >
>> > If two CPUs/harts are racing and end up in over flowing kernel stack, one
>> > or both will end up corrupting each other state because `shadow_stack` is
>> > not per-cpu. This patch optimizes per-cpu overflow stack switch by
>> > directly picking per-cpu `overflow_stack` and gets rid of `shadow_stack`.
>>
>> Are you planning on resending this patch? I see it didn't gain much
>> traction last time, but this looks like a much cleaner solution for
>> selecting the overflow stack than having a `shadow_stack` and calling
>> to C to compute the per-CPU offset. The asm_per_cpu macro also would
>> come in handy when implementing CONFIG_SHADOW_CALL_STACK, which we'd
>> like to have on RISC-V too.
>
>
> I personally like the approach of using percpu because I found it cleaner and easy to maintain.
>
> There wasn't any willingness to accept that patch because list members / maintainers thought the best way to fix an error prone mechanism is
> to introduce another clunky mechanism which is difficult to maintain. So no plan on resending that patch.
>
> If there is motivation to use the asm_per_cpu macro for other stuff, please feel free to use it from my patch.
> I believe it will be handy.
>
> If there is motivation to accept this patch on the list or provide suggestions on this patch, I can resend it.

Sorry for the last html formatted email.
Somehow settings in my gmail got reset and plaintext mode was set to html again.

>
> -Deepak
>
>
>
>>
>>
>> Sami

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ