Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 24 Jul 2017 11:19:26 +0300
From: Alexander Popov <>
To: Laura Abbott <>, Mark Rutland <>
Cc: Kees Cook <>,,
 Ard Biesheuvel <>, Tycho Andersen
 <>, PaX Team <>
Subject: Re: [RFC][PATCH 2/2] arm64: Clear the stack

On 22.07.2017 03:23, Laura Abbott wrote:
> On 07/21/2017 09:56 AM, Alexander Popov wrote:
>> So let's keep it not to break CONFIG_SCHED_STACK_END_CHECK.
> That makes sense, good find! I wonder if CONFIG_SCHED_STACK_END_CHECK
> should go on the list of hardening options and/or if we can enhance
> it somehow?

Do you mean this list?

> I'm not sure why it requires two words though since the
> poison only seems to be 32-bits?

On x86_64 end_of_stack() returns the pointer to unsigned long, so we need at
least 8 bytes to avoid breaking CONFIG_SCHED_STACK_END_CHECK. Don't know about 8
more bytes.

Best regards,

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.