public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard
[not found] <bug-22850-131@http.sourceware.org/bugzilla/>
@ 2024-05-06 7:11 ` sam at gentoo dot org
2024-06-18 8:04 ` yangyanchao6 at huawei dot com
2024-06-18 8:54 ` fweimer at redhat dot com
2 siblings, 0 replies; 3+ messages in thread
From: sam at gentoo dot org @ 2024-05-06 7:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
Sam James <sam at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |sam at gentoo dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard
[not found] <bug-22850-131@http.sourceware.org/bugzilla/>
2024-05-06 7:11 ` [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard sam at gentoo dot org
@ 2024-06-18 8:04 ` yangyanchao6 at huawei dot com
2024-06-18 8:54 ` fweimer at redhat dot com
2 siblings, 0 replies; 3+ messages in thread
From: yangyanchao6 at huawei dot com @ 2024-06-18 8:04 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
yangyanchao6 at huawei dot com <yangyanchao6 at huawei dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |yangyanchao6 at huawei dot com
--- Comment #4 from yangyanchao6 at huawei dot com <yangyanchao6 at huawei dot com> ---
I noticed that on some architectures there is this macro,
THREAD_SET_STACK_GUARD
It determines whether the variables protected by the stack are in the thread
variables or global variables. Therefore, the CVE does not exist in the ARM
architecture.
What makes the x86 and arm implementations different? I'd like to submit a
patch to convert the x86 implementation to arm-like.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard
[not found] <bug-22850-131@http.sourceware.org/bugzilla/>
2024-05-06 7:11 ` [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard sam at gentoo dot org
2024-06-18 8:04 ` yangyanchao6 at huawei dot com
@ 2024-06-18 8:54 ` fweimer at redhat dot com
2 siblings, 0 replies; 3+ messages in thread
From: fweimer at redhat dot com @ 2024-06-18 8:54 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=22850
--- Comment #5 from Florian Weimer <fweimer at redhat dot com> ---
AArch64 uses a regular global data symbol to store the reference value. This
requires an additional indirection (longer dependency chain, potential wasted
cache line). It's an improvement from a security perspective, but has its
downsides.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-06-18 8:54 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <bug-22850-131@http.sourceware.org/bugzilla/>
2024-05-06 7:11 ` [Bug nptl/22850] Harden TCB against stack protector bypass via overwrite of stack_guard sam at gentoo dot org
2024-06-18 8:04 ` yangyanchao6 at huawei dot com
2024-06-18 8:54 ` fweimer at redhat dot com
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).