From mboxrd@z Thu Jan  1 00:00:00 1970
From: "Perla, Enrico" <enrico.perla@intel.com>
Subject: RE: [RFC PATCH] x86/entry/64: randomize kernel stack offset upon
 system call
Date: Tue, 12 Feb 2019 10:16:01 +0000
Message-ID: <5E269FBC3009974381A340959F3135C95C8F78E5@hasmsx108.ger.corp.intel.com>
References: <1549628149-11881-1-git-send-email-elena.reshetova@intel.com>
 <1549628149-11881-2-git-send-email-elena.reshetova@intel.com>
 <20190208130544.GI32511@hirez.programming.kicks-ass.net>
 <2236FBA76BA1254E88B949DDB74E612BA4BB7580@IRSMSX102.ger.corp.intel.com>
 <20190208142642.GJ32511@hirez.programming.kicks-ass.net>
 <2236FBA76BA1254E88B949DDB74E612BA4BB96C5@IRSMSX102.ger.corp.intel.com>
 <CALCETrXA8PBtu6B5z5gjJV4X_pe16f4DE7T5o5AspgMckBRWKA@mail.gmail.com>
 <2236FBA76BA1254E88B949DDB74E612BA4BBA73C@IRSMSX102.ger.corp.intel.com>
 <EBF96DB2-B25D-437B-A067-F187E031BC3E@amacapital.net>
In-Reply-To: <EBF96DB2-B25D-437B-A067-F187E031BC3E@amacapital.net>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
To: Andy Lutomirski <luto@amacapital.net>, "Reshetova, Elena" <elena.reshetova@intel.com>
Cc: Andy Lutomirski <luto@kernel.org>, Jann Horn <jannh@google.com>, Peter
 Zijlstra <peterz@infradead.org>, "kernel-hardening@lists.openwall.com" <kernel-hardening@lists.openwall.com>, "tglx@linutronix.de" <tglx@linutronix.de>, "mingo@redhat.com" <mingo@redhat.com>, "bp@alien8.de" <bp@alien8.de>, "keescook@chromium.org" <keescook@chromium.org>, "tytso@mit.edu" <tytso@mit.edu>
List-ID: <kernel-hardening.lists.openwall.com>

SGksDQogIEkgd2FzIHNvbWV3aGF0IGZvbmQgb2YgcmFuZG9taXppbmcgdGhlIHB0X3JlZ3MgbG9j
YXRpb24sIGFzIHRoYXQgaXMgc29tZXRoaW5nIEkgY291bGQgcmVsYXRlIHdpdGggaW4gd3JpdGlu
ZyBhbiBleHBsb2l0IChoYW5keSB3YXkgdG8gbG9hZCB1c2VyIGNvbnRyb2xsZWQgZGF0YSB0byBr
ZXJuZWwgYXQgYSBrbm93biBsb2NhdGlvbikuDQoNCkJ1dCwgYXMgSmFubiBwb2ludGVkIG91dCwg
dGhhdCBvbmx5IGhhcyB2YWx1ZSBpbiBhIHB0cmFjZS1ibG9ja2VkIHNhbmRib3gsIGJlY2F1c2Ug
dGhlIHJhbmRvbWl6YXRpb24gb2Zmc2V0IGNhbiBiZSBsZWFrZWQgb3RoZXJ3aXNlIHRocm91Z2gg
cHRyYWNlIFBFRUsvUE9LRSBhbmQgb2JzZXJ2aW5nIGNhY2hlIGJlaGF2aW9yLiBXb3JzZSwgaWYg
cHRyYWNlIGlzIHByZXNlbnQsIHRoZW4gdGhlIHJhbmRvbWl6YXRpb24gaXMgbW9vdC4NCg0KU2lu
Y2UgY29udGFpbmVycyBzZWVtcyB0byBiZSBnb2luZyB0b3dhcmRzIGxlYXZpbmcgcHRyYWNlIG9w
ZW4sIEknbSBub3cgd29uZGVyaW5nIHdoZXRoZXIgdGhhdCBpcyBhIGdvb2QgbW90aXZhdGlvbiBh
dCBhbGwgYW5kIHRoZSBwcm9wb3NlZCBzaW1wbGlmaWVkIHZlcnNpb24gaXMgbm90IGp1c3QgYmV0
dGVyLiANCg0KPiANCj4gSWYgYW4gYXR0YWNrZXIgaGFzIHdyaXRlLXdoYXQtd2hlcmUgKGkuZS4g
Y2FuIHdyaXRlIGNvbnRyb2xsZWQgdmFsdWVzIHRvDQo+IGNvbnRyb2xsZWQgYWJzb2x1dGUgdmly
dHVhbCBhZGRyZXNzZXMpLCB0aGVuIEkgZXhwZWN0IHRoYXQgcHRfcmVncyBpcyBhIHByZXR0eQ0K
PiBsb3cgcmFua2luZyB0YXJnZXQuICBCdXQgaXQgbWF5IGJlIGEgZmFpcmx5IGp1aWN5IHRhcmdl
dCBpZiB5b3UgaGF2ZSBhIHN0YWNrDQo+IGJ1ZmZlciBvdmVyZmxvdyB0aGF0IGxldHMgYW4gYXR0
YWNrZXIgd3JpdGUgdG8gYSBjb250cm9sbGVkICpvZmZzZXQqIGZyb20gdGhlDQo+IHN0YWNrLiBX
ZSB1c2VkIHRvIGtlZXAgdGhyZWFkX2luZm8gYXQgdGhlIGJvdHRvbSBvZiB0aGUgc3RhY2ssIGFu
ZCB0aGF0IHdhcw0KPiBhIGdyZWF0IGF0dGFjayB0YXJnZXQuDQo+IA0KPiBCdXQgdGhlcmXigJlz
IGFuIGVhc2llciBtaXRpZ2F0aW9uOiBqdXN0IGRvIHJlZ3MtPmNzIHw9IDMgb3Igc29tZXRoaW5n
IGxpa2UgdGhhdA0KPiBpbiB0aGUgZXhpdCBjb2RlLiBUaGVuIGFueSBzdWNoIGF0dGFjayBjYW4g
b25seSBjb3JydXB0ICp1c2VyKiBzdGF0ZS4gIFRoZQ0KPiBwZXJmb3JtYW5jZSBpbXBhY3Qgd291
bGQgYmUgKnZlcnkqIGxvdywgc2luY2UgdGhpcyBjb3VsZCBnbyBpbiB0aGUgYXNtDQo+IHBhdGgg
dGhhdOKAmXMgb25seSB1c2VkIGZvciBJUkVUIHRvIHVzZXIgbW9kZS4NCg0KVGhhdCdzIGFsbCBm
YWlyLiBXaGF0IEkgc3RydWdnbGUgd2l0aCBpcyBmaW5kaW5nIGEgcHJlY2lzZSBtb3RpdmF0aW9u
IGZvciB0aGUgcmFuZG9taXphdGlvbiAoZ3JhbnRlZCB0aGlzIG1pZ2h0IGJlIGV4dGVuZGVkIHRv
IG90aGVyIEtBU0xSIGNhc2VzLCBzbyBwZXJoYXBzIGlzIG5vdCBhIHN0cm9uZyBoYXJkIHN0b3Ap
Lg0KDQpUaGUgcHJvcG9zZWQgcmFuZG9taXphdGlvbiBkb2VzIGZpdCB0aGUgb3ZlcmFsbCBLQVNM
UiBzdG9yeSBhbmQgaXQgZG9lcyBpdHMgam9iIG9mIG5vdCBsZXR0aW5nIGFuIGF0dGFja2VyIHBy
ZWRpY3QgZnV0dXJlIHN0YWNrIG9mZnNldCBmcm9tIG9uZSBsZWFrLCBidXQgaW4gcHJhY3RpY2Fs
IHRlcm1zIEknbSBzdHJ1Z2dsaW5nIHRvIGZpbmQgYSBjYXNlIG9yIHR3byB3aGVyZSB0aGlzIHdv
dWxkIGhhdmUgbWFkZSBhIGRpZmZlcmVuY2UgaW4gYW4gZXhwbG9pdC4NCg0KQ2FuIGFueSBvZiB5
b3UgdGhpbmsgb2Ygc29tZT8NCg0KDQogICAgICAgICAgICAgICAgIC0gICBFbnJpY28NCg0KLS0t
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t
LS0tLS0tLS0tCklOVEVMIENPUlBPUkFUSU9OIElUQUxJQSBTLnAuQS4gY29uIHVuaWNvIHNvY2lv
ClNlZGU6IE1pbGFub2Zpb3JpIFBhbGF6em8gRSA0IApDQVAgMjAwOTQgQXNzYWdvIChNSSkKQ2Fw
aXRhbGUgU29jaWFsZSBFdXJvIDEwNC4wMDAsMDAgaW50ZXJhbWVudGUgdmVyc2F0bwpQYXJ0aXRh
IEkuVi5BLiBlIENvZGljZSBGaXNjYWxlICAwNDIzNjc2MDE1NQpSZXBlcnRvcmlvIEVjb25vbWlj
byBBbW1pbmlzdHJhdGl2byBuLiA5OTcxMjQgClJlZ2lzdHJvIGRlbGxlIEltcHJlc2UgZGkgTWls
YW5vIG5yLiAxODM5ODMvNTI4MS8zMwpTb2dnZXR0YSBhZCBhdHRpdml0YScgZGkgZGlyZXppb25l
IGUgY29vcmRpbmFtZW50byBkaSAKSU5URUwgQ09SUE9SQVRJT04sIFVTQQoKVGhpcyBlLW1haWwg
YW5kIGFueSBhdHRhY2htZW50cyBtYXkgY29udGFpbiBjb25maWRlbnRpYWwgbWF0ZXJpYWwgZm9y
CnRoZSBzb2xlIHVzZSBvZiB0aGUgaW50ZW5kZWQgcmVjaXBpZW50KHMpLiBBbnkgcmV2aWV3IG9y
IGRpc3RyaWJ1dGlvbgpieSBvdGhlcnMgaXMgc3RyaWN0bHkgcHJvaGliaXRlZC4gSWYgeW91IGFy
ZSBub3QgdGhlIGludGVuZGVkCnJlY2lwaWVudCwgcGxlYXNlIGNvbnRhY3QgdGhlIHNlbmRlciBh
bmQgZGVsZXRlIGFsbCBjb3BpZXMuCg==