From: Nix
Date: Mon, 30 May 2016 12:43:01 +0000
Subject: Re: [4.1.x -- 4.6.x and probably HEAD] Reproducible unprivileged panic/TLB BUG on sparc via a stack-protected rt_sigaction() ka_restorer, courtesy of the glibc testsuite
Message-Id: <878tyrvhre.fsf@esperi.org.uk>
References: <87fut34unx.fsf@esperi.org.uk> <87twhj3ag0.fsf@esperi.org.uk> <20160528.230250.216567426920998466.davem@davemloft.net>
In-Reply-To: <20160528.230250.216567426920998466.davem@davemloft.net> (David Miller's message of "Sat, 28 May 2016 23:02:50 -0700 (PDT)")
To: David Miller
Cc: linux-kernel@vger.kernel.org, sparclinux@vger.kernel.org, fweimer@redhat.com

On 29 May 2016, David Miller spake thusly:

> BTW Nick, in thinking through all of this, I want to strongly encourage
> you to disable stack protector for all sigreturn stubs in the GLIBC tree.

I completely concur, and have already written (but not committed) a patch
to do this: I'll augment the existing sparc-only patch into a
sigreturn-stubs patch. I *think* I spotted all the stubs. (Many of them
are in assembler, but not all.)

(If there's anything else which involves calling functions with a
precisely-aligned stack and an expectation of no stack pointer movement
in the prologue or epilogue, I'd be interested to know about it, since
that'll need inhibit_stack_protector'ing too.)
-- 
NULL && (void)