| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 Aug 2023 15:01:59 +0100
From: Mark Brown <broonie@...nel.org>
To: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
Cc: "corbet@....net" <corbet@....net>,
"ardb@...nel.org" <ardb@...nel.org>,
"keescook@...omium.org" <keescook@...omium.org>,
"shuah@...nel.org" <shuah@...nel.org>,
"Szabolcs.Nagy@....com" <Szabolcs.Nagy@....com>,
"maz@...nel.org" <maz@...nel.org>,
"james.morse@....com" <james.morse@....com>,
"debug@...osinc.com" <debug@...osinc.com>,
"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"catalin.marinas@....com" <catalin.marinas@....com>,
"hjl.tools@...il.com" <hjl.tools@...il.com>,
"paul.walmsley@...ive.com" <paul.walmsley@...ive.com>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
"aou@...s.berkeley.edu" <aou@...s.berkeley.edu>,
"oleg@...hat.com" <oleg@...hat.com>,
"arnd@...db.de" <arnd@...db.de>,
"ebiederm@...ssion.com" <ebiederm@...ssion.com>,
"will@...nel.org" <will@...nel.org>,
"suzuki.poulose@....com" <suzuki.poulose@....com>,
"kvmarm@...ts.linux.dev" <kvmarm@...ts.linux.dev>,
"linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-arm-kernel@...ts.infradead.org"
<linux-arm-kernel@...ts.infradead.org>,
"linux-kselftest@...r.kernel.org" <linux-kselftest@...r.kernel.org>,
"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
"oliver.upton@...ux.dev" <oliver.upton@...ux.dev>,
"linux-riscv@...ts.infradead.org" <linux-riscv@...ts.infradead.org>,
"palmer@...belt.com" <palmer@...belt.com>
Subject: Re: [PATCH v3 21/36] arm64/mm: Implement map_shadow_stack()
On Mon, Jul 31, 2023 at 11:19:34PM +0000, Edgecombe, Rick P wrote:
> The thing I was trying to get at was, we have this shared syscall that
> means create shadow stack memory and prepopulate it like this flag
> says. On x86 we optionally support SHADOW_STACK_SET_TOKEN which means
> put a token right at the end of size. So maybe arm should have a
> different flag value that includes putting the marker and then the
> token, and x86 could match it someday if we get markers too.
Oh, I see. My mental model was that this was controlling the whole
thing we put at the top rather than treating the terminator and the cap
separately.
> It could be a different flag, like SHADOW_STACK_SET_TOKEN_MARKER, or it
> could be SHADOW_STACK_SET_MARKER, and callers could pass
> (SHADOW_STACK_SET_TOKEN | SHADOW_STACK_SET_MARKER) to get what you have
> implemented here. What do you think?
For arm64 code this would mean that it would be possible (and fairly
easy) to create stacks which don't have a termination record which would
make life harder for unwinders to rely on. I don't think this is
insurmountable, creating manually shouldn't be the standard and it'll
already be an issue on x86 anyway.
The other minor issue is that the current arm64 marker is all bits 0
so by itself for arm64 _MARKER would have no perceptible impact, it
would only serve to push the token down a slot in the stack (I'm
guessing that's the intended meaning?). I'm not sure that's a
particularly big deal though.
Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)
Powered by blists - more mailing lists