Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Tue, 26 Apr 2022 20:21:50 +0200
From: Adam Zabrocki <>
Subject: Re: pCFI  false positive

Hi Li,

Thanks for the informaiton. Would you be able to submit PR for this changes?


On Thu, Apr 14, 2022 at 06:08:53PM +0800, 李诚(允诚) wrote:
> Hi,all
>      I tested lkrg-0.9.2 on an ARM64 board, and met a pCFI false positive issue about 
> "Stack pointer corruption (ROP?)" for  the security_capable() function.
>    I found that sometimes the security_capable() may be called in the interrupt context , 
> then the p_ed_enforce_pcfi() would warn about the stack pointer mismatch and kill the 
> victim process.
>   Maybe the p_ed_enforce_pcfi() should use (unsigned long)p_task->stack if it finds that
> p_regs_get_sp(p_regs) belongs to the irq_stack ?
> thanks and best regards,
> Li Cheng

pi3 (pi3ki31ny) - pi3 (at) itsec pl

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.