From: Kees Cook <keescook@chromium.org>
To: PaX Team <pageexec@freemail.hu>
Cc: LKML <linux-kernel@vger.kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Jann Horn <jannh@google.com>, Eric Biggers <ebiggers3@gmail.com>,
Christoph Hellwig <hch@infradead.org>,
"axboe@kernel.dk" <axboe@kernel.dk>,
James Bottomley <James.Bottomley@hansenpartnership.com>,
Elena Reshetova <elena.reshetova@intel.com>,
Hans Liljestrand <ishkamiel@gmail.com>,
David Windsor <dwindsor@gmail.com>,
"x86@kernel.org" <x86@kernel.org>, Ingo Molnar <mingo@kernel.org>,
Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
"David S. Miller" <davem@davemloft.net>,
Rik van Riel <riel@redhat.com>,
linux-arch <linux-arch@vger.kernel.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>
Subject: Re: [PATCH v2 0/2] x86, refcount: Implement fast refcount overflow
Date: Tue, 25 Apr 2017 20:59:10 -0700 [thread overview]
Message-ID: <CAGXu5j+N9x+jXB4ozDPnTSXT4EHTjuQ8mOuCmAtBEpwe8bLusQ@mail.gmail.com> (raw)
In-Reply-To: <58FFFF78.5586.1FBAC458@pageexec.freemail.hu>
On Tue, Apr 25, 2017 at 7:01 PM, PaX Team <pageexec@freemail.hu> wrote:
> On 25 Apr 2017 at 15:56, Kees Cook wrote:
>
>> This protection is a modified version of the x86 PAX_REFCOUNT
>> implementation from PaX/grsecurity. This speeds up the refcount_t API by
>> duplicating the existing atomic_t implementation with a single instruction
>> added to detect if the refcount has wrapped past INT_MAX (or below 0)
>> resulting in a signed value.
>
> 'signed value' sounds somewhat ambiguous given that in C a signed type (such
> as the one beneath refcount_t) can have both negative and positive values yet
> you didn't mean the latter here i guess.
Yeah, the language for the CPU "sign flag" confuses this. I will
attempt to clarify for future versions.
>> Various differences from PaX:
>> - uses "js" instead of "jo" to trap all signed results instead of just
>> under/overflow transitions
>
> there're differences in my 4.11 port but this isn't one of them.
Any changes you'd suggest for upstreaming?
-Kees
--
Kees Cook
Pixel Security
prev parent reply other threads:[~2017-04-26 3:59 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-25 22:56 [PATCH v2 0/2] x86, refcount: Implement fast refcount overflow Kees Cook
2017-04-25 22:56 ` [PATCH v2 1/2] x86, asm: Add suffix macro for GEN_*_RMWcc() Kees Cook
2017-04-25 22:56 ` [PATCH v2 2/2] x86, refcount: Implement fast refcount overflow protection Kees Cook
2017-04-26 0:25 ` Jann Horn
2017-04-26 3:52 ` Kees Cook
2017-04-27 1:31 ` kbuild test robot
2017-04-27 20:22 ` Kees Cook
2017-05-01 15:54 ` Josh Poimboeuf
2017-05-01 17:28 ` Kees Cook
2017-05-01 22:33 ` Josh Poimboeuf
2017-05-01 16:30 ` Josh Poimboeuf
2017-05-01 17:36 ` Kees Cook
2017-05-01 22:45 ` Josh Poimboeuf
2017-04-26 2:01 ` [PATCH v2 0/2] x86, refcount: Implement fast refcount overflow PaX Team
2017-04-26 3:59 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGXu5j+N9x+jXB4ozDPnTSXT4EHTjuQ8mOuCmAtBEpwe8bLusQ@mail.gmail.com \
--to=keescook@chromium.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=arnd@arndb.de \
--cc=axboe@kernel.dk \
--cc=davem@davemloft.net \
--cc=dwindsor@gmail.com \
--cc=ebiggers3@gmail.com \
--cc=elena.reshetova@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=hch@infradead.org \
--cc=ishkamiel@gmail.com \
--cc=jannh@google.com \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-arch@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
--cc=pageexec@freemail.hu \
--cc=peterz@infradead.org \
--cc=riel@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).