Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 11 Nov 2016 09:20:25 +0000
From: "Reshetova, Elena" <>
To: Peter Zijlstra <>
CC: ""
	<>, ""
	<>, "" <>,
	"" <>, ""
	<>, "Anvin, H Peter" <>,
	"" <>, Hans Liljestrand
	<>, David Windsor <>
Subject: RE: [RFC v4 PATCH 12/13] x86: implementation for HARDENED_ATOMIC

>On Thu, Nov 10, 2016 at 10:24:47PM +0200, Elena Reshetova wrote:
> +static __always_inline int atomic_cmpxchg_wrap(atomic_wrap_t *v, int 
> +old, int new) {
> +	return cmpxchg(&v->counter, old, new); }

>WTH does that even mean, a wrap for a cmpxchg.

We need to provide *_wrap() alternatives to all basic atomic functions in this patchset
since if we have (now or in the future) a variable in the kernel code somewhere that
should be opt-out of protection, it should use a different type, and as a result different
functions, even if the function behind doesn't do anything differently. People were very
concerned on type checks and possible confusions, so we spent time adjusting this to make
it hard to make mistake. 

>I seriously detest this interface

Then we need to work further on finding a better one, if it isn't acceptable. Everyone's end goal is
to get protections in place. We knew it is going to be a long and bumpy road to get it done. At least
this shows how it can be done. Also remember that Grsecurity/PaX protected kernels have been running
around for a while with similar changes and their users don't seem to have all their drivers panicking and
machines collapsing. 

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.