From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1756947AbcIZFLA (ORCPT <rfc822;w@1wt.eu>);
        Mon, 26 Sep 2016 01:11:00 -0400
Received: from mail-it0-f47.google.com ([209.85.214.47]:37292 "EHLO
        mail-it0-f47.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750754AbcIZFK4 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 26 Sep 2016 01:10:56 -0400
Date: Sun, 25 Sep 2016 23:10:53 -0600
From: Tycho Andersen <tycho.andersen@canonical.com>
To: Jann Horn <jann@thejh.net>
Cc: Kees Cook <keescook@chromium.org>,
        Andy Lutomirski <luto@amacapital.net>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        Andy Lutomirski <luto@kernel.org>, X86 ML <x86@kernel.org>,
        Borislav Petkov <bp@alien8.de>,
        "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
        Brian Gerst <brgerst@gmail.com>
Subject: Re: [PATCH 09/12] x86/process: Pin the target stack in get_wchan()
Message-ID: <20160926051053.GA6713@hopstrocity>
References: <cover.1473801993.git.luto@kernel.org>
 <b1e2a12f27786c51dba59a091f25a0df9c8f2dd4.1473801993.git.luto@kernel.org>
 <20160917020051.GD2543@pc.thejh.net>
 <CALCETrXbz+yKan15AO9TfmMbNdSKg44aKrpEcFLhO28zUMm+Zg@mail.gmail.com>
 <20160923074306.GE20504@pc.thejh.net>
 <CAGXu5j+ycZpndDb4rOqRU2QqNG6ydASNBqBU-mvG3Wt85ET+9w@mail.gmail.com>
 <20160923183443.GA3416@pc.thejh.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20160923183443.GA3416@pc.thejh.net>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, Sep 23, 2016 at 08:34:43PM +0200, Jann Horn wrote:
> On Fri, Sep 23, 2016 at 11:28:26AM -0700, Kees Cook wrote:
> > Does CRIU use this? I wouldn't expect so, since they're using ptrace,
> > IIUC, to freeze/restore.
> 
> As far as I can tell:
> 
> parse_pid_stat() parses them into a struct proc_pid_stat as "esp" and "eip",
> but those struct members are never used (like, probably, most other members
> of that struct).

Yes, that's my reading of it too.

> child_opened_proc.c just opens /proc/%d/stat and then closes it again
> immediately.

This is just a test for ordering of things that are restored, and it
could use any file in /proc, stat was just convenient.

> So in summary: I don't think so.

Yep, agreed.

Tycho