This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH 23/27] [AARCH64] delouse input arguments in system functions
- From: Arnd Bergmann <arnd at arndb dot de>
- To: Joseph Myers <joseph at codesourcery dot com>
- Cc: Yury Norov <ynorov at caviumnetworks dot com>, libc-alpha at sourceware dot org, linux-kernel at vger dot kernel dot org, catalin dot marinas at arm dot com, marcus dot shawcroft at arm dot com, philb at gnu dot org, davem at davemloft dot net, szabolcs dot nagy at arm dot com, maxim dot kuvyrkov at linaro dot org, pinskia at gmail dot com
- Date: Tue, 21 Jun 2016 17:42:39 +0200
- Subject: Re: [PATCH 23/27] [AARCH64] delouse input arguments in system functions
- Authentication-results: sourceware.org; auth=none
- References: <1466485631-3532-1-git-send-email-ynorov at caviumnetworks dot com> <1466485631-3532-25-git-send-email-ynorov at caviumnetworks dot com> <alpine dot DEB dot 2 dot 20 dot 1606211035510 dot 4526 at digraph dot polyomino dot org dot uk>
On Tuesday, June 21, 2016 10:36:53 AM CEST Joseph Myers wrote:
> On Tue, 21 Jun 2016, Yury Norov wrote:
>
> > Signed-off-by: Yury Norov <ynorov@caviumnetworks.com>
>
> You're missing a patch description. What does "delouse" even mean? What
> is the ABI peculiarity that means there are ABI-conforming arguments to
> these functions that need such a manipulation?
>
This is the term the kernel uses for making sure that no system call
from user space passes data in the upper bits of the argument registers,
which could end up being used in an exploit when the calling conventions
between functions assume that the upper bits contain zeroes.
I don't think there is any point in doing this in glibc though: we
can safely assume that any application calling into glibc follows
the documented calling conventions (it would otherwise be a bug),
but the kernel still has to zero those registers because malicious
user space code would simply execute the system call instruction
directly instead of calling into glibc...
Arnd