Date: Tue, 26 Apr 2022 20:21:50 +0200 From: Adam Zabrocki <pi3@....com.pl> To: lkrg-users@...ts.openwall.com Subject: Re: pCFI false positive Hi Li, Thanks for the informaiton. Would you be able to submit PR for this changes? Thanks, Adam On Thu, Apr 14, 2022 at 06:08:53PM +0800, 李诚(允诚) wrote: > > > Hi，all > I tested lkrg-0.9.2 on an ARM64 board, and met a pCFI false positive issue about > "Stack pointer corruption (ROP?)" for the security_capable() function. > > I found that sometimes the security_capable() may be called in the interrupt context , > then the p_ed_enforce_pcfi() would warn about the stack pointer mismatch and kill the > victim process. > > Maybe the p_ed_enforce_pcfi() should use (unsigned long)p_task->stack if it finds that > p_regs_get_sp(p_regs) belongs to the irq_stack ? > > thanks and best regards, > > Li Cheng -- pi3 (pi3ki31ny) - pi3 (at) itsec pl http://pi3.com.pl
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.