On Tue, May 09, 2017 at 12:01:23PM -0700, Kees Cook wrote:
> +#define _REFCOUNT_EXCEPTION \
> + ".pushsection .text.unlikely\n" \
> + "111:\tmovl $0x7fff, %[counter]\n" \
> + "112:\t" ASM_UD0 "\n" \
> +
On Wed, May 10, 2017 at 6:24 PM, PaX Team wrote:
> On 9 May 2017 at 12:01, Kees Cook wrote:
>> Various differences from PaX:
>> - uses earlier value reset implementation in assembly
>> - uses UD0 and refcount exception handler instead of new int vector
>> - uses .text.unlikely instead of custom na
On 9 May 2017 at 12:01, Kees Cook wrote:
> Various differences from PaX:
> - uses earlier value reset implementation in assembly
> - uses UD0 and refcount exception handler instead of new int vector
> - uses .text.unlikely instead of custom named text sections
all the above together result in bloa
On Tue, May 09, 2017 at 12:01:23PM -0700, Kees Cook wrote:
> This protection is a modified version of the x86 PAX_REFCOUNT defense
> from PaX/grsecurity. This speeds up the refcount_t API by duplicating
> the existing atomic_t implementation with a single instruction added to
> detect if the refcou
This protection is a modified version of the x86 PAX_REFCOUNT defense
from PaX/grsecurity. This speeds up the refcount_t API by duplicating
the existing atomic_t implementation with a single instruction added to
detect if the refcount has wrapped past INT_MAX (or below 0) resulting
in a negative va
5 matches
Mail list logo
