Date: Thu, 14 Apr 2022 18:08:53 +0800 From: "李诚(允诚)" <lc85446@...baba-inc.com> To: "lkrg-users" <lkrg-users@...ts.openwall.com> Subject: pCFI false positive Hi，all I tested lkrg-0.9.2 on an ARM64 board, and met a pCFI false positive issue about "Stack pointer corruption (ROP?)" for the security_capable() function. I found that sometimes the security_capable() may be called in the interrupt context , then the p_ed_enforce_pcfi() would warn about the stack pointer mismatch and kill the victim process. Maybe the p_ed_enforce_pcfi() should use (unsigned long)p_task->stack if it finds that p_regs_get_sp(p_regs) belongs to the irq_stack ? thanks and best regards, Li Cheng
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.