Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp924062yba; Fri, 3 May 2019 12:46:43 -0700 (PDT) X-Google-Smtp-Source: APXvYqw2aJAZHLkhMvii1gJGy/Kn+DpMxqvrqncq/6wo9S970Xmgm5n24eY2982j7y5bXu1jV4NI X-Received: by 2002:a17:902:1602:: with SMTP id g2mr13003005plg.325.1556912803496; Fri, 03 May 2019 12:46:43 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1556912803; cv=none; d=google.com; s=arc-20160816; b=1Apb7BjFXBB5jQSYVyf04/BPQP9GMNirZxoPltXrO3tjGCBw36kQo1xr4+UJYkQJpU 8Jjh+SCwFei+a8UfXQi+RliP5n8G4xPi27DlihgU2Tp2XXPODNIUDAxjDtvz/Yb4B2Pb x1cdGya3mbp2WbzWnPplt+2nnujXTLhfJFJtrF4IZmYosVs4OxHyIIRSkR6sOHhO7U0d BzVy7Qzk73TtQQ7HqIbrCpCOK3I65RBVaIHEnS2Sou2Qh1SIws8puUqBglVs35jq+Pf2 1zW40MXZn4y+ygWgFNPrwhI3k2EKl2bjx6B/99QgdejBFKGCN3iW9C+jUTYlwmy/3S4b 17dQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=vrZPNFycjIPCS5MGk9MAG+nKHJrhm1Q0xvifSIf+zuk=; b=FaLJWcimtto6Q9TQ1rAcjYFLwD7B0lUchTn5KQY3+5UO9dzODqGy5fZ+f/NRopRWQQ fSxbbp+0BfEB53G0j8yk7cCM0X0mKPpKWLzxuYVrxmayQ6OQVvBh5pE9Hc58DDHFbDRl SL6SUEYtvRfB2c3JqUSB+Yl5Fx+o5BMuHOOEfOcP/RweGVrm6uxUd1jbaLNzwQD4dSPB q3FwLiEMH5bBsXYuMlvAb9aIWs8J/UjI/5gqL4DZVH/WIYXns9HXiwBNO/dcnh0KALNU RPGH/ySFxeFw9yau7I66lrl8rs3S9pwFdGE1c+0mx/e6UIYsxspKFJyuMPJ5/7Lg1d/F 7LuA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=OEfmC6eJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id m21si3736152pls.121.2019.05.03.12.46.27; Fri, 03 May 2019 12:46:43 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linux-foundation.org header.s=google header.b=OEfmC6eJ; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726544AbfECTTT (ORCPT + 99 others); Fri, 3 May 2019 15:19:19 -0400 Received: from mail-lj1-f196.google.com ([209.85.208.196]:45182 "EHLO mail-lj1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726404AbfECTTS (ORCPT ); Fri, 3 May 2019 15:19:18 -0400 Received: by mail-lj1-f196.google.com with SMTP id w12so6100670ljh.12 for ; Fri, 03 May 2019 12:19:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=vrZPNFycjIPCS5MGk9MAG+nKHJrhm1Q0xvifSIf+zuk=; b=OEfmC6eJF2GPkWPbvs4stvkodrbQDXUL+PPqhjLUfk1i/pl6J+3SSY0xZI0I1g2RFb diBNMWHW/rqTdKWhuupppKaljsSj6VtB1P1+GlwSP1NRVFF3v/NVGneYtUDR6DkQKMp+ sCaMQ/861on6pkLTiIark2/tC7R2z4uluIE84= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=vrZPNFycjIPCS5MGk9MAG+nKHJrhm1Q0xvifSIf+zuk=; b=png8RdStsH8bPifcEFp5nZkmMIC2ngXduXYcf6U+xBkf7PsXb1h3+m1Utc3b7AEmWd JIJ72GxcwwyPnd7yXsoI93W0oz72gweSSggwMpMPgeMXU49opv9pUcUurmPawFNZl+/R aIsadP4o4DSbNpUn2O5XIhb9lL5omW+rppWI7lU+rGsZlGH7Uu+ocxF2VXy2COrmHgPJ 5r3+4r3oxYSByacj3fktaoThPDHQPjsNI7XtuvW34RSmmPlIPnaavAwoBu4C3NkrdIFi LgbuHiDg9S6P2uQWvj+f0oGVH/w4mt4cLpdOPRemC4OkIqVdcuiTHov2JPZFfJ3o6myz YG/Q== X-Gm-Message-State: APjAAAWvdsvLqrA3pQYoaR0I2k709sqa+LQCSQPRNzOJRcKuckAEMLyj ofdVj4hIYX6HTZBAUTroG4r8rS8ob3o= X-Received: by 2002:a2e:9583:: with SMTP id w3mr1201463ljh.150.1556911156369; Fri, 03 May 2019 12:19:16 -0700 (PDT) Received: from mail-lf1-f49.google.com (mail-lf1-f49.google.com. [209.85.167.49]) by smtp.gmail.com with ESMTPSA id g20sm173120lja.67.2019.05.03.12.19.15 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 May 2019 12:19:16 -0700 (PDT) Received: by mail-lf1-f49.google.com with SMTP id u27so4886300lfg.10 for ; Fri, 03 May 2019 12:19:15 -0700 (PDT) X-Received: by 2002:a19:4f54:: with SMTP id a20mr5886095lfk.136.1556910664485; Fri, 03 May 2019 12:11:04 -0700 (PDT) MIME-Version: 1.0 References: <57357E35-3D9B-4CA7-BAB9-0BE89E0094D2@amacapital.net> <2236FBA76BA1254E88B949DDB74E612BA4C66A8A@IRSMSX102.ger.corp.intel.com> <6860856C-6A92-4569-9CD8-FF6C5C441F30@amacapital.net> <2236FBA76BA1254E88B949DDB74E612BA4C6A4D7@IRSMSX102.ger.corp.intel.com> <303fc4ee5ac04e4fac104df1188952e8@AcuMS.aculab.com> <2236FBA76BA1254E88B949DDB74E612BA4C6C2C3@IRSMSX102.ger.corp.intel.com> <2e55aeb3b39440c0bebf47f0f9522dd8@AcuMS.aculab.com> <20190502150853.GA16779@gmail.com> <20190502164524.GB115950@gmail.com> <2236FBA76BA1254E88B949DDB74E612BA4C6F523@IRSMSX102.ger.corp.intel.com> In-Reply-To: From: Linus Torvalds Date: Fri, 3 May 2019 12:10:48 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH] x86/entry/64: randomize kernel stack offset upon syscall To: David Laight Cc: "Reshetova, Elena" , Ingo Molnar , Andy Lutomirski , "Theodore Ts'o" , Eric Biggers , "ebiggers@google.com" , "herbert@gondor.apana.org.au" , Peter Zijlstra , "keescook@chromium.org" , Daniel Borkmann , "linux-kernel@vger.kernel.org" , "jpoimboe@redhat.com" , "jannh@google.com" , "Perla, Enrico" , "mingo@redhat.com" , "bp@alien8.de" , "tglx@linutronix.de" , "gregkh@linuxfoundation.org" , "Edgecombe, Rick P" , Peter Zijlstra Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, May 3, 2019 at 9:40 AM David Laight wrote: > > That gives you 10 system calls per rdrand instruction > and mostly takes the latency out of line. Do we really want to do this? What is the attack scenario? With no VLA's, and the stackleak plugin, what's the upside? Are we adding random code (literally) "just because"? Linus