From: Jeff Law <law@redhat.com>
To: Uros Bizjak <ubizjak@gmail.com>, Florian Weimer <fweimer@redhat.com>
Cc: Richard Biener <richard.guenther@gmail.com>,
Jakub Jelinek <jakub@redhat.com>, Jan Hubicka <jh@suse.cz>,
Eric Botcazou <ebotcazou@adacore.com>,
gcc-patches <gcc-patches@gcc.gnu.org>
Subject: Re: RFC: stack/heap collision vulnerability and mitigation with GCC
Date: Tue, 20 Jun 2017 15:59:00 -0000 [thread overview]
Message-ID: <c583d6b9-a920-5f9d-fa33-d52773c799ee@redhat.com> (raw)
In-Reply-To: <CAFULd4YsYwN1saXYySMnNy4r=f6R1wbe0K4pOMmHM75HYJ5dQg@mail.gmail.com>
On 06/20/2017 06:17 AM, Uros Bizjak wrote:
> On Tue, Jun 20, 2017 at 2:13 PM, Florian Weimer <fweimer@redhat.com> wrote:
>> On 06/20/2017 01:10 PM, Uros Bizjak wrote:
>>
>>> 74,99% a.out a.out [.] test_or
>>> 12,50% a.out a.out [.] test_movb
>>> 12,50% a.out a.out [.] test_movl
>>
>> Could you try notl/notb/negl/negb as well, please?
>
> These all have the same (long) runtime as test_or.
That would be my expectation -- they (not/neg) are going to be RMW.
So we can we agree that moving away RMW to a simple W style instruction
for the probe is where we want to go? Then we can kick around the exact
form of that store.
FWIW, we don't have to store zero -- ultimately we care about the side
effect of triggering the page fault, not the value written. So we could
just as easily store a register into the probed address to avoid the
codesize cost of encoding an immediate
I did that in my local s390 patches. It may not be necessary there, but
it allowed me to avoid thinking too hard about the ISA and get s390
proof of concept code running :-)
Jeff
next prev parent reply other threads:[~2017-06-20 15:59 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-19 17:07 Jeff Law
2017-06-19 17:29 ` Jakub Jelinek
2017-06-19 17:45 ` Jeff Law
2017-06-19 17:51 ` Jakub Jelinek
2017-06-19 21:51 ` Jeff Law
2017-06-20 8:03 ` Uros Bizjak
2017-06-20 10:18 ` Richard Biener
2017-06-20 11:10 ` Uros Bizjak
2017-06-20 12:13 ` Florian Weimer
2017-06-20 12:17 ` Uros Bizjak
2017-06-20 12:20 ` Uros Bizjak
2017-06-20 12:27 ` Richard Biener
2017-06-20 21:57 ` Jeff Law
2017-06-20 15:59 ` Jeff Law [this message]
2017-06-19 18:00 ` Richard Biener
2017-06-19 18:02 ` Richard Biener
2017-06-19 18:15 ` Florian Weimer
2017-06-19 21:57 ` Jeff Law
2017-06-19 22:08 ` Jeff Law
2017-06-20 7:50 ` Eric Botcazou
2017-06-19 17:51 ` Joseph Myers
2017-06-19 17:55 ` Jakub Jelinek
2017-06-19 18:21 ` Florian Weimer
2017-06-19 21:56 ` Joseph Myers
2017-06-19 22:05 ` Jeff Law
2017-06-19 22:10 ` Florian Weimer
2017-06-19 19:05 ` Jeff Law
2017-06-19 19:45 ` Jakub Jelinek
2017-06-19 21:41 ` Jeff Law
2017-06-20 8:27 ` Richard Earnshaw (lists)
2017-06-20 15:50 ` Jeff Law
2017-06-19 18:12 ` Richard Kenner
2017-06-19 22:05 ` Jeff Law
2017-06-19 22:07 ` Richard Kenner
2017-06-20 8:21 ` Eric Botcazou
2017-06-20 15:50 ` Jeff Law
2017-06-20 19:48 ` Jakub Jelinek
2017-06-20 20:37 ` Eric Botcazou
2017-06-20 20:46 ` Jeff Law
2017-06-20 8:17 ` Eric Botcazou
2017-06-20 21:52 ` Jeff Law
2017-06-20 22:20 ` Eric Botcazou
2017-06-21 17:31 ` Jeff Law
2017-06-21 19:07 ` Florian Weimer
2017-06-21 7:56 ` Andreas Schwab
2017-06-20 9:27 ` Richard Earnshaw (lists)
2017-06-20 21:39 ` Jeff Law
2017-06-21 8:41 ` Richard Earnshaw (lists)
2017-06-21 17:25 ` Jeff Law
2017-06-22 9:53 ` Richard Earnshaw (lists)
2017-06-22 15:30 ` Jeff Law
2017-06-22 16:07 ` Szabolcs Nagy
2017-06-22 16:15 ` Jeff Law
2017-06-28 6:45 ` Florian Weimer
2017-07-13 23:21 ` Jeff Law
2017-07-18 19:54 ` Florian Weimer
2017-06-20 23:22 Wilco Dijkstra
2017-06-21 8:34 ` Richard Earnshaw (lists)
2017-06-21 8:44 ` Andreas Schwab
2017-06-21 8:46 ` Richard Earnshaw (lists)
2017-06-21 8:46 ` Richard Earnshaw (lists)
2017-06-21 9:03 ` Wilco Dijkstra
2017-06-21 17:05 ` Jeff Law
2017-06-21 17:47 ` Wilco Dijkstra
2017-06-22 16:10 ` Jeff Law
2017-06-22 22:57 ` Wilco Dijkstra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c583d6b9-a920-5f9d-fa33-d52773c799ee@redhat.com \
--to=law@redhat.com \
--cc=ebotcazou@adacore.com \
--cc=fweimer@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=jakub@redhat.com \
--cc=jh@suse.cz \
--cc=richard.guenther@gmail.com \
--cc=ubizjak@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).