lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <b81b2994e286259a78f3d20660469e88a8b08c31.camel@intel.com>
Date: Wed, 2 Oct 2024 21:25:05 +0000
From: "Edgecombe, Rick P" <rick.p.edgecombe@...el.com>
To: "broonie@...nel.org" <broonie@...nel.org>
CC: "dietmar.eggemann@....com" <dietmar.eggemann@....com>, "x86@...nel.org"
	<x86@...nel.org>, "shuah@...nel.org" <shuah@...nel.org>, "brauner@...nel.org"
	<brauner@...nel.org>, "dave.hansen@...ux.intel.com"
	<dave.hansen@...ux.intel.com>, "debug@...osinc.com" <debug@...osinc.com>,
	"mgorman@...e.de" <mgorman@...e.de>, "vincent.guittot@...aro.org"
	<vincent.guittot@...aro.org>, "fweimer@...hat.com" <fweimer@...hat.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"mingo@...hat.com" <mingo@...hat.com>, "hjl.tools@...il.com"
	<hjl.tools@...il.com>, "rostedt@...dmis.org" <rostedt@...dmis.org>,
	"tglx@...utronix.de" <tglx@...utronix.de>, "linux-api@...r.kernel.org"
	<linux-api@...r.kernel.org>, "vschneid@...hat.com" <vschneid@...hat.com>,
	"Szabolcs.Nagy@....com" <Szabolcs.Nagy@....com>, "kees@...nel.org"
	<kees@...nel.org>, "will@...nel.org" <will@...nel.org>, "hpa@...or.com"
	<hpa@...or.com>, "catalin.marinas@....com" <catalin.marinas@....com>,
	"jannh@...gle.com" <jannh@...gle.com>, "yury.khrustalev@....com"
	<yury.khrustalev@....com>, "peterz@...radead.org" <peterz@...radead.org>,
	"bp@...en8.de" <bp@...en8.de>, "linux-kselftest@...r.kernel.org"
	<linux-kselftest@...r.kernel.org>, "wilco.dijkstra@....com"
	<wilco.dijkstra@....com>, "bsegall@...gle.com" <bsegall@...gle.com>,
	"juri.lelli@...hat.com" <juri.lelli@...hat.com>
Subject: Re: [PATCH RFT v9 4/8] fork: Add shadow stack support to clone3()

On Wed, 2024-10-02 at 22:01 +0100, Mark Brown wrote:
> BTW it's probably also worth noting that at least on arm64 (perhaps x86
> is different here?) the shadow stack of a thread that exited won't have
> a token placed on it so it won't be possible to use it with clone3() at
> all unless another token is written.  To get a shadow stack you could
> use with clone3() you'd either need to allocate a new one, pivot away
> from one that's currently in use or enable shadow stack writes and place
> a token.

Hmm, yea. I didn't have a specific idea in mind. But yea, you would have to
switch to something in order to leave a token.

If you enabled WRSS (or similar) you might be able to reuse shadow stacks in
some kind of useful way, but in that case you would probably WRSS the token to
the end of the shadow stack and the start+size would fit better.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ