Received: by 10.192.165.148 with SMTP id m20csp2063259imm; Thu, 3 May 2018 09:46:19 -0700 (PDT) X-Google-Smtp-Source: AB8JxZpP9Tx4OuG8DLyjoD60YuUehMjPYO1C5ZKuUT/Q1s2l1puauf7ql/blHmOKGKWlcV8Ejs5B X-Received: by 2002:a17:902:22a:: with SMTP id 39-v6mr24905808plc.128.1525365979487; Thu, 03 May 2018 09:46:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525365979; cv=none; d=google.com; s=arc-20160816; b=DEFEBbjqfm9XaS2CLXu3c2f47rADBzSRV3I8wJZaa01YlPwZ7klqoicoN+sDvG3zvq s6TfDLyuocMCy+2CuLJOIRD7pIwWnhJiR7UYezmqTZB9LE1TU+dXkmlvgQ6pmmk/zhAG D6Dg65P05B/Wd6p/NPNL9qX4RaJ0j6xK0XRqCN7d6hrISmc5aIgcZi0dQQMxGevde3Aq p4ggYRebfJKAqHlmhh1vzih7RwA9W3Osk7hvBNcC3kgRG6M+dc8B+o5gsjp5fKWeH3/N Z1It24cx3gxpNDSE/eserRUVMDpRhBen20TaYV7mUZXmwepf+4bAm/d4kT3GD6lMRsrX l0Bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature:dkim-signature :arc-authentication-results; bh=3JP+pl99Q2O7bhZTjbrRvBcXcZQBJXTf87nPsslXOMw=; b=I9yORgJhQs1dMmr9UIWwFwERQV8Po8XzNGOOLut/bJ0nA7jrHR9gbBdK/4d39vJFyG g4zerCsVLdYqpSClsTGWJpRD2VgGUcW9f0kfePkkf2+c9P9XqtD71sGd2rYuPlijZ4E5 J9PiAft+eF+beIyEzbkwJSE93DIlcl6uy8AL82hoOOsY8ctXj56BiTMGWtZ0ebp8kZGQ Kaq5ysIfJX+N+FRPot0Cbeu3BRsBa0rrahGUzAfDh5skeVLaGASOCDEbnadfgotNuueR mvTSvuvGMG0EmhcianLK0D6sNgNF+Kpwj2pgq/ayCTWjS6gFepqEK78nJ2gwMCwwNFUY +W3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=SO4hBmOo; dkim=fail header.i=@chromium.org header.s=google header.b=W4nBdQG1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p2-v6si1848157pge.513.2018.05.03.09.46.04; Thu, 03 May 2018 09:46:19 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@google.com header.s=20161025 header.b=SO4hBmOo; dkim=fail header.i=@chromium.org header.s=google header.b=W4nBdQG1; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751307AbeECQpm (ORCPT + 99 others); Thu, 3 May 2018 12:45:42 -0400 Received: from mail-ua0-f194.google.com ([209.85.217.194]:41959 "EHLO mail-ua0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750954AbeECQpi (ORCPT ); Thu, 3 May 2018 12:45:38 -0400 Received: by mail-ua0-f194.google.com with SMTP id a3so12242709uad.8 for ; Thu, 03 May 2018 09:45:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=3JP+pl99Q2O7bhZTjbrRvBcXcZQBJXTf87nPsslXOMw=; b=SO4hBmOowFJGJlCwmv2DPrKtu+EjEhAIptHZlVBDLWrNxdekseCmaqvS4eKLItWHiI Wk4IClP91UoQQDIZPO9kVakA6p1PYlnOV2F04M9VuAwWiEBJG8qMtmUQ8AjhGbQms8kj 03c/YeLVoJpyhPKyzpvV3XZ3M+tq1ihzBL3j+5BqIJ/aZdNB7x4uFlzb5VasXKA8xACE gmQmM1Bekq71KlKZBdfJX8TCJtlh5Y58b8xvcEFiZTJNIZhQdKdb1Gt9RAqMhkMBJpKd 3xLUdPmL7P4RoNMu2NziA0t+FDIrZMfRFck12qb+J4VVU1PTt3+fLe2bWBGAyZCVE/fh wBdA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=3JP+pl99Q2O7bhZTjbrRvBcXcZQBJXTf87nPsslXOMw=; b=W4nBdQG1IllXl9Alo4TfBueoD36v01Ph7d0UnuKMrLz4+MWdvHGkP7YkUOvhe+07pH ViBSn337PXBHaWlcYSoCwfrnALenom42wDaCAJusBKTy9Qt+bW/fuI43Stf4/zSY3paI Ue7bkcjoaMsmo35xis1UF3RTEGuBi5bVYWrt0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=3JP+pl99Q2O7bhZTjbrRvBcXcZQBJXTf87nPsslXOMw=; b=YhXAxAceEqxBTOxdXBGaAnetDOpkq/pX8AaAguTO75m75MycI0XO25cezgkRNIYDWL RgZxRL/8GlPekLKVvj2jFU6Ct3XtWDv0VI3VMKjnkxJkHVrvhmXBKemgL6Owj8ia1e+k PmDKPs7ZwvZuA44GnN/H9ILvoQ5IedGL4YLci9sWztnhmXGkoTmM1dfLLTdlWVS4nnDW PAf662JyfugqCnj1Iw14OhZf+gy2GkJzGq9cOM+agp1BGgWOP+JLBJN5A9cKVquh0mgN WZg8U1A2eJiPTcT1KO7AGv7Bi1/xty/wR8dhNTuG73chJ60DI+iJeo3imsaRwFY8s5AT B7+A== X-Gm-Message-State: ALQs6tB/Sh+/D8PymRyVId829C9caRHGdYQJOQrJ++zvW7KIymqn3wZ0 v/gv5C6Yk6dNmnthZjJDIaAZf/HhZQyDbKB3/09zUQ== X-Received: by 10.176.84.78 with SMTP id o14mr22287523uaa.164.1525365937928; Thu, 03 May 2018 09:45:37 -0700 (PDT) MIME-Version: 1.0 Received: by 10.31.11.209 with HTTP; Thu, 3 May 2018 09:45:36 -0700 (PDT) In-Reply-To: References: <20180502203326.9491-1-labbott@redhat.com> <20180502203326.9491-3-labbott@redhat.com> <4b7e94c1-79c9-0380-25c6-762762ed595f@redhat.com> From: Kees Cook Date: Thu, 3 May 2018 09:45:36 -0700 X-Google-Sender-Auth: 3jOW1CDSBlxiKlq0wiEGRFggOJk Message-ID: Subject: Re: [PATCH 2/2] arm64: Clear the stack To: Alexander Popov Cc: Laura Abbott , Mark Rutland , Ard Biesheuvel , Kernel Hardening , linux-arm-kernel , LKML Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, May 3, 2018 at 9:05 AM, Alexander Popov wrote: > Hello Laura and Kees, > > On 03.05.2018 02:07, Laura Abbott wrote: >> On 05/02/2018 02:31 PM, Kees Cook wrote: >>> On Wed, May 2, 2018 at 1:33 PM, Laura Abbott wrote: >>>> >>>> Implementation of stackleak based heavily on the x86 version >>> >>> Awesome! Notes below for both you and Alexander, since I think we can >>> create a common code base instead of having near-duplicates in the >>> arch/ trees... > > Yes, sure. > > I will extract the common part and send v12 for x86. Then Laura will be able to > add arm64 support in a separate patch series. Is it fine? Sure, though if you could fold the plugin fix from her, that would be ideal. I'll likely carry both patch sets together once the arm64 one stabilizes. >> This was based on the earlier version of x86. I'll confess to >> not seeing how the current x86 version ended up with get_stack_info >> but I suspect it's either related to ORC unwinding or it's best >> practice. > > I've changed that in v4. Quote from the changelog: > - Fixed the surplus and erroneous code for calculating stack_left in > check_alloca() on x86_64. That code repeats the work which is already > done in get_stack_info() and it misses the fact that different > exception stacks on x86_64 have different size. > > http://www.openwall.com/lists/kernel-hardening/2017/10/04/68 > > We can see that in arch/x86/kernel/dumpstack_64.c. > > Is it fine if check_alloca() would be arch-specific? I'm fine if check_alloca() remains arch-specific. Thanks! -Kees -- Kees Cook Pixel Security