From: Heiko Carstens <hca@linux.ibm.com>
To: Mark Rutland <mark.rutland@arm.com>
Cc: Kees Cook <keescook@chromium.org>,
Alexander Popov <alex.popov@linux.com>,
Vasily Gorbik <gor@linux.ibm.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 1/2] stackleak: allow to specify arch specific stackleak poison function
Date: Wed, 12 Apr 2023 11:58:07 +0200 [thread overview]
Message-ID: <ZDaAr0Tg5DPJM9BY@osiris> (raw)
In-Reply-To: <ZDZz8QvPdpGJqMd6@FVFF77S0Q05N>
On Wed, Apr 12, 2023 at 10:03:46AM +0100, Mark Rutland wrote:
> On Wed, Apr 05, 2023 at 03:08:40PM +0200, Heiko Carstens wrote:
> > Factor out the code that fills the stack with the stackleak poison value
> > in order to allow architectures to provide a faster implementation.
> >
> > Acked-by: Vasily Gorbik <gor@linux.ibm.com>
> > Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
>
> As on patch 2, it might be nicer to have a noinstr-safe memset64() and use that
> directly, but I don't have strong feelings either way, and I'll defer to Kees's
> judgement:
Wouldn't that enforce that memset64() wouldn't be allowed to have an own
stackframe, since otherwise it would write poison values to it, since we
have
if (on_task_stack)
erase_high = current_stack_pointer;
in __stackleak_erase()?
That was actually my motiviation to make this s390 optimization an always
inline asm.
Besides that this wouldn't be a problem for at least s390, since memset64()
is an asm function which comes whithout the need for a stackframe, but on
the other hand this would add a quite subtle requirement to memset64(), if
I'm not mistaken.
next prev parent reply other threads:[~2023-04-12 9:58 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-05 13:08 [PATCH 0/2] stackleak: allow to specify arch specific stackleak poison function Heiko Carstens
2023-04-05 13:08 ` [PATCH 1/2] " Heiko Carstens
2023-04-12 9:03 ` Mark Rutland
2023-04-12 9:58 ` Heiko Carstens [this message]
2023-04-12 10:06 ` Mark Rutland
2023-04-05 13:08 ` [PATCH 2/2] s390/stackleak: provide fast __stackleak_poison() implementation Heiko Carstens
2023-04-12 9:02 ` Mark Rutland
2023-04-18 17:21 ` [PATCH 0/2] stackleak: allow to specify arch specific stackleak poison function Heiko Carstens
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZDaAr0Tg5DPJM9BY@osiris \
--to=hca@linux.ibm.com \
--cc=alex.popov@linux.com \
--cc=gor@linux.ibm.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox