From: Segher Boessenkool <segher@kernel.crashing.org>
To: Kees Cook <keescook@chromium.org>
Cc: Ard Biesheuvel <ardb@kernel.org>,
Miguel Ojeda <miguel.ojeda.sandonis@gmail.com>,
Nick Desaulniers <ndesaulniers@google.com>,
Alexandre Chartre <alexandre.chartre@oracle.com>,
kbuild-all@lists.01.org,
clang-built-linux <clang-built-linux@googlegroups.com>,
linux-toolchains@vger.kernel.org,
kernel test robot <lkp@intel.com>,
Arvind Sankar <nivedita@alum.mit.edu>
Subject: Re: [RFC][PATCH 21/24] x86/entry: Disable stack-protector for IST entry C handlers
Date: Wed, 25 Nov 2020 17:00:10 -0600 [thread overview]
Message-ID: <20201125230010.GC2672@gate.crashing.org> (raw)
In-Reply-To: <202011251156.055E59A@keescook>
On Wed, Nov 25, 2020 at 11:56:40AM -0800, Kees Cook wrote:
> On Sat, Nov 14, 2020 at 11:20:17AM +0100, Ard Biesheuvel wrote:
> > In spite of the apparent difference of opinion here, there are two
> > irrefutable facts about __attribute__((optimize)) on GCC that can only
> > lead to the conclusion that we must never use it in Linux:
> > - the GCC developers refuse to rigorously define its behavior, so we
> > don't know what it actually does;
This is because it isn't clear at all what it *should* do, for some
options. For others it is obvious, and it works just fine for those.
(And we do not rigorously define the behaviour of almost *anything*, not
in the user manual anyway!)
The interface has huge usability problems. We want to wean people off
of using this attribute. But claiming all kinds of FUD about it is a
disservice to users: it works fine for where it does work, there is no
reason for people to hurriedly change their code (or change it at all).
> > So it does not matter whether you call that quirky or something else,
> > there is no way we can make meaningful use of it, and therefore,
> > abstracting or parameterizing any of its uses should be avoided as
> > well.
>
> Perhaps it's worth adding this to CodingStyle or deprecated.rst?
Sure! But please don't claim things that aren't broken are.
Segher
next prev parent reply other threads:[~2020-11-25 23:06 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-09 14:44 [RFC][PATCH 00/24] x86/pti: Defer CR3 switch to C code Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 01/24] x86/syscall: Add wrapper for invoking syscall function Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 02/24] x86/entry: Update asm_call_on_stack to support more function arguments Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 03/24] x86/entry: Consolidate IST entry from userspace Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 04/24] x86/sev-es: Define a setup stack function for the VC idtentry Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 05/24] x86/entry: Implement ret_from_fork body with C code Alexandre Chartre
2020-11-10 16:24 ` kernel test robot
2020-11-15 21:26 ` kernel test robot
2020-11-15 21:34 ` kernel test robot
2020-11-09 14:44 ` [RFC][PATCH 06/24] x86/pti: Provide C variants of PTI switch CR3 macros Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 07/24] x86/entry: Fill ESPFIX stack using C code Alexandre Chartre
2020-11-10 16:52 ` kernel test robot
2020-11-09 14:44 ` [RFC][PATCH 08/24] x86/entry: Add C version of SWAPGS and SWAPGS_UNSAFE_STACK Alexandre Chartre
2020-11-09 19:55 ` Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 09/24] x86/entry: Add C version of paranoid_entry/exit Alexandre Chartre
2020-11-10 18:40 ` kernel test robot
2020-11-09 14:44 ` [RFC][PATCH 10/24] x86/pti: Introduce per-task PTI trampoline stack Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 11/24] x86/pti: Function to clone page-table entries from a specified mm Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 12/24] x86/pti: Function to map per-cpu page-table entry Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 13/24] x86/pti: Extend PTI user mappings Alexandre Chartre
2020-11-09 19:56 ` Alexandre Chartre
2020-11-10 23:39 ` Andy Lutomirski
2020-11-11 8:55 ` Alexandre Chartre
2020-11-13 8:48 ` kernel test robot
2020-11-09 14:44 ` [RFC][PATCH 14/24] x86/pti: Use PTI stack instead of trampoline stack Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 15/24] x86/pti: Execute syscall functions on the kernel stack Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 16/24] x86/pti: Execute IDT handlers " Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 17/24] x86/pti: Execute IDT handlers with error code " Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 18/24] x86/pti: Execute system vector handlers " Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 19/24] x86/pti: Execute page fault handler " Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 20/24] x86/pti: Execute NMI " Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 21/24] x86/entry: Disable stack-protector for IST entry C handlers Alexandre Chartre
2020-11-13 7:58 ` kernel test robot
2020-11-13 18:59 ` Nick Desaulniers
2020-11-13 18:59 ` Nick Desaulniers
2020-11-13 19:39 ` Alexandre Chartre
2020-11-13 19:39 ` Alexandre Chartre
2020-11-13 19:45 ` Nick Desaulniers
2020-11-13 19:45 ` Nick Desaulniers
2020-11-13 23:47 ` Segher Boessenkool
2020-11-14 0:01 ` Miguel Ojeda
2020-11-14 0:01 ` Miguel Ojeda
2020-11-14 0:26 ` Segher Boessenkool
2020-11-14 1:58 ` Miguel Ojeda
2020-11-14 1:58 ` Miguel Ojeda
2020-11-14 10:20 ` Ard Biesheuvel
2020-11-14 10:20 ` Ard Biesheuvel
2020-11-25 19:56 ` Kees Cook
2020-11-25 19:56 ` Kees Cook
2020-11-25 23:00 ` Segher Boessenkool [this message]
2020-11-26 6:40 ` Ard Biesheuvel
2020-11-26 6:40 ` Ard Biesheuvel
2020-11-26 20:22 ` Segher Boessenkool
2020-11-26 21:05 ` Arvind Sankar
2020-11-26 21:05 ` Arvind Sankar
2020-11-26 22:00 ` Ard Biesheuvel
2020-11-26 22:00 ` Ard Biesheuvel
2020-11-14 0:11 ` Nick Desaulniers
2020-11-14 0:11 ` Nick Desaulniers
2020-11-14 0:43 ` Segher Boessenkool
2020-11-14 0:48 ` Nick Desaulniers
2020-11-14 0:48 ` Nick Desaulniers
2020-11-09 14:44 ` [RFC][PATCH 22/24] x86/entry: Defer paranoid entry/exit to C code Alexandre Chartre
2020-11-15 22:51 ` kernel test robot
2020-11-09 14:44 ` [RFC][PATCH 23/24] x86/entry: Remove paranoid_entry and paranoid_exit Alexandre Chartre
2020-11-09 14:44 ` [RFC][PATCH 24/24] x86/pti: Defer CR3 switch to C code for non-IST and syscall entries Alexandre Chartre
2020-11-09 19:35 ` [RFC][PATCH 00/24] x86/pti: Defer CR3 switch to C code Dave Hansen
2020-11-09 19:53 ` Alexandre Chartre
-- strict thread matches above, loose matches on Subject: below --
2020-11-09 11:22 Alexandre Chartre
2020-11-09 11:23 ` [RFC][PATCH 21/24] x86/entry: Disable stack-protector for IST entry C handlers Alexandre Chartre
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201125230010.GC2672@gate.crashing.org \
--to=segher@kernel.crashing.org \
--cc=alexandre.chartre@oracle.com \
--cc=ardb@kernel.org \
--cc=clang-built-linux@googlegroups.com \
--cc=kbuild-all@lists.01.org \
--cc=keescook@chromium.org \
--cc=linux-toolchains@vger.kernel.org \
--cc=lkp@intel.com \
--cc=miguel.ojeda.sandonis@gmail.com \
--cc=ndesaulniers@google.com \
--cc=nivedita@alum.mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.