Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 14 Jul 2018 19:04:07 -0700
From: Kees Cook <>
To: Vlastimil Babka <>
Cc: Chris von Recklinghausen <>, Laura Abbott <>, 
	Paolo Abeni <>, LKML <>, 
	Linux-MM <>, Kernel Hardening <>
Subject: Re: [PATCH v7] add param that allows bootline control of hardened usercopy

On Wed, Jul 4, 2018 at 10:47 AM, Vlastimil Babka <> wrote:
> On 07/04/2018 06:52 PM, Kees Cook wrote:
>> This produces less efficient code in the general case, and I'd like to
>> keep the general case (hardening enabled) as fast as possible.
> How specifically is the code less efficient? It should be always a
> static key check (no-op thanks to the code patching involved) and a
> function call in the "hardening enabled" case, just in different order.
> And in either case compiled out if it's a constant.

My understanding from reading the jump label comments[1] is that on
order produces:

do normal thing
do rest of function
do exceptional thing
jump label1

where "NOP" is changed to "JMP label2" when toggled, and the other is:

JMP label1
do exceptional thing
JMP label2
do normal thing
do rest of function

where "JMP label1" is changed to NOP when toggled. (i.e. does the
default do NOP, thing, function, or does the default to JMP, thing,
JMP, function)



Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.