public inbox for linux-kernel@vger.kernel.org
From: Arjan van de Ven <arjan@linux.intel.com>
To: Nix <nix@esperi.org.uk>
Cc: linux-kernel@vger.kernel.org
Subject: Re: [Patch 5 of 8] Add the __stack_chk_fail() function
Date: Sun, 19 Mar 2006 19:06:32 +0100
Message-ID: <441D9DA8.90807@linux.intel.com>
In-Reply-To: <878xr62u70.fsf@hades.wkstn.nix>

Nix wrote:
> On 17 Mar 2006, Arjan van de Ven wrote:
>> GCC emits a call to a __stack_chk_fail() function when the cookie is not
>> matching the expected value. Since this is a bad security issue, let's panic
>> the kernel
> 
> This turns even minor buffer overflows into complete denials of service.

Only those who otherwise would get to the return address. So it turns an "own the machine" into a panic.
Not a "no side effects" thing....


> If we're running in process context and the process is currently
> killable it might make more sense to printk() a message and zap the
> process; that way we only halt whatever service it is the attacker
> hit us through.

Maybe. The big question is if you can still trust the machine. That is highly questionable...
(and to kill the process you again need to trust bits of the stack, to get to current for example;
and you just found that the stack was compromised)
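
The point argued above, that a linear overflow cannot reach the saved return address without first crossing the canary, shown as an added example that is not part of the original mail or the patch series. The frame layout, the cookie value and the names struct frame and run_frame() are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of one stack frame, lowest address first. A real frame's
 * layout is chosen by the compiler; this order is an assumption. */
struct frame {
    char      buf[16];   /* the array being overflowed */
    char      other[8];  /* a neighbouring local variable */
    uintptr_t canary;    /* copy of the cookie, written in the prologue */
    uintptr_t ret;       /* saved return address */
};

#define COOKIE   ((uintptr_t)0x5a5a00ffu)  /* constructed sample value */
#define RET_ADDR ((uintptr_t)0x1000u)      /* constructed sample value */

enum outcome { RET_OK, LOCAL_CORRUPTED, CHK_FAIL, RET_HIJACKED };

/* Write n bytes upward from buf, as an unchecked copy would, then run the
 * epilogue. protect != 0 models a build with -fstack-protector. */
static enum outcome run_frame(size_t n, int protect)
{
    struct frame f;

    memset(&f, 0, sizeof f);
    f.canary = COOKIE;
    f.ret = RET_ADDR;
    if (n > sizeof f)
        n = sizeof f;                 /* keep the write inside the model */
    memset((unsigned char *)&f, 'A', n);

    if (protect && f.canary != COOKIE)
        return CHK_FAIL;              /* __stack_chk_fail() is called here */
    if (f.ret != RET_ADDR)
        return RET_HIJACKED;          /* function returns to attacker data */
    return f.other[0] ? LOCAL_CORRUPTED : RET_OK;
}

int main(void)
{
    static const char *name[] = { "ok", "local corrupted, not detected",
                                  "__stack_chk_fail", "return address replaced" };
    size_t n[] = { 16, 20, 25, sizeof(struct frame) };

    for (size_t i = 0; i < sizeof n / sizeof n[0]; i++)
        printf("%2zu bytes: unprotected=%s, protected=%s\n", n[i],
               name[run_frame(n[i], 0)], name[run_frame(n[i], 1)]);
    return 0;
}
```
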


Thread overview: 17+ messages
2006-03-17 16:10 [Patch 0/8] Port of -fstack-protector to the kernel Arjan van de Ven
2006-03-17 16:11 ` [Patch 1 of 8] Pack the x86-64 PDA structure Arjan van de Ven
2006-03-17 16:13 ` [Patch 3 of 8] Introduce a config option for stack-protector Arjan van de Ven
2006-03-17 16:13 ` [Patch 2 of 8] annotate the PDA structure with offsets Arjan van de Ven
2006-03-18  9:38   ` Ingo Molnar
2006-03-18  9:46     ` Arjan van de Ven
2006-03-17 16:14 ` [Patch 4 of 8] Add the cookie field Arjan van de Ven
2006-03-17 16:14 ` [Patch 5 of 8] Add the __stack_chk_fail() function Arjan van de Ven
2006-03-19 17:57   ` Nix
2006-03-19 18:06     ` Arjan van de Ven [this message]
2006-03-19 19:06       ` Nix
2006-03-17 16:15 ` [Patch 6 of 8] Implement the CFLAGs side Arjan van de Ven
2006-03-17 16:16 ` [Patch 7 of 8] Finish PDA offset annotations Arjan van de Ven
2006-03-17 16:17 ` [Patch 8 of 8] GCC 4.1 patch for kernel stack-protector Arjan van de Ven
2006-03-17 16:50 ` [Patch 0/8] Port of -fstack-protector to the kernel Michal Piotrowski
2006-03-17 16:53   ` Arjan van de Ven
2006-03-18  9:41 ` Ingo Molnar
