Re: [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS)

From: Will Deacon
Date: Wed Apr 22 2020 - 14:00:50 EST

Next message: Dexuan Cui: "RE: [PATCH] scsi: storvsc: Fix a panic in the hibernation procedure"
Previous message: Sowjanya Komatineni: "Re: [RFC PATCH v9 5/9] dt-binding: tegra: Add VI and CSI bindings"
In reply to: Kees Cook: "Re: [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS)"
Next in thread: Kees Cook: "Re: [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Apr 22, 2020 at 10:54:45AM -0700, Kees Cook wrote:
> On Mon, Apr 20, 2020 at 07:14:42PM -0700, Sami Tolvanen wrote:
> > +void scs_release(struct task_struct *tsk)
> > +{
> > + void *s;
> > +
> > + s = __scs_base(tsk);
> > + if (!s)
> > + return;
> > +
> > + WARN_ON(scs_corrupted(tsk));
> > +
>
> I'd like to have task_set_scs(tsk, NULL) retained here, to avoid need to
> depend on the released task memory getting scrubbed at a later time.

Hmm, doesn't it get zeroed almost immediately by kmem_cache_free() if
INIT_ON_FREE_DEFAULT_ON is set? That seems much better than special-casing
SCS, as there's a tonne of other useful stuff kicking around in the
task_struct and treating this specially feels odd to me.

Will

Next message: Dexuan Cui: "RE: [PATCH] scsi: storvsc: Fix a panic in the hibernation procedure"
Previous message: Sowjanya Komatineni: "Re: [RFC PATCH v9 5/9] dt-binding: tegra: Add VI and CSI bindings"
In reply to: Kees Cook: "Re: [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS)"
Next in thread: Kees Cook: "Re: [PATCH v12 01/12] add support for Clang's Shadow Call Stack (SCS)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]