Re: [PATCH RFC v9 4/7] x86/entry: Erase kernel stack in syscall_trace_enter()

From: Peter Zijlstra
Date: Mon Mar 05 2018 - 15:27:59 EST


On Mon, Mar 05, 2018 at 12:06:18PM -0800, Kees Cook wrote:
> On Mon, Mar 5, 2018 at 11:40 AM, Dave Hansen
> <dave.hansen@xxxxxxxxxxxxxxx> wrote:
> > On 03/03/2018 12:00 PM, Alexander Popov wrote:
> >> @@ -128,6 +134,7 @@ static long syscall_trace_enter(struct pt_regs *regs)
> >>
> >> do_audit_syscall_entry(regs, arch);
> >>
> >> + erase_kstack();
> >> return ret ?: regs->orig_ax;
> >> }
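Review bot: the erase_kstack() call placed just before the return needs an in-line comment saying why it lives here rather than only on the exit path, since the placement is not self-explanatory: the ptrace/seccomp/audit work done earlier in syscall_trace_enter() has already written to a stack that was cleared on the last exit, and erasing here lets the syscall proper start on a cleared stack again. Something like `/* Re-clear the stack dirtied by the tracing/audit work above. */` above `+ erase_kstack();` would carry that reasoning in the code. It is also worth confirming that any early `return` in syscall_trace_enter() above this hunk either cannot occur after the stack has been written to or gets the same erase, since those paths would bypass this call.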
> >
> > This seems like an odd place to be clearing the stack. Why was it done here?
>
> Perhaps the commit log could be improved, but the idea is that the
> audit work (ptrace, seccomp, etc), is happening before the syscall
> code starts running, and it has therefore written to the stack (that
> used to be cleared on last exit). This retains the clear stack state
> even in the face of ptrace-ish work happening before the syscall
> proper starts.

I'd suggest a code-comment over a Changelog twiddle. The changelog bit
only helps now; a code comment helps us again in 6 months' time when
we've forgotten everything again.