
Re: [Xen-devel] [PATCH] x86emul/fuzz: adjust canonicalization in sanitize_input()




> On Mar 29, 2019, at 3:23 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
> 
>>>> On 29.03.19 at 16:14, <George.Dunlap@xxxxxxxxxx> wrote:
> 
>> 
>>> On Mar 29, 2019, at 2:51 PM, Jan Beulich <JBeulich@xxxxxxxx> wrote:
>>> 
>>> Drop it entirely for %rbp - this register is not special purpose enough
>>> to warrant such special treatment. Add a comment to clarify the purpose
>>> of the canonicalization of %rip and %rsp.
>>> 
>>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
>> 
>> FAOD:
>> 1. I don’t oppose this, but
>> 2. I don’t support it either; however,
>> 3. I don’t think my Ack is necessary.
> 
> Well, preferably I would address your concerns despite 3. So could
> you clarify what you would suggest instead? Keep things as they
> are? Drop all canonicalization? I've basically tried to find a middle
> ground between the two extremes.

I appreciate that. :-) But the main reason I wrote this was #3: I didn’t want
my silence interpreted as a nack.

I don’t think it will help fuzzing to remove canonicalization of ebp; it may
help to have it in.  In fact I’d prefer to CANONICALIZE_MAYBE() more registers.

But I don’t think the question is so clear, or so important, that it’s worth
having a long discussion about.  Absent some sort of rigorous testing, we’re
all just guessing which is better; you & Andy are guessing one way, I’m
guessing the other way.  This patch is about as close to middle-ground as there
is.

Peace,
 -George
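For readers outside the thread, an added illustration (not code from the patch or from Xen's fuzzer) of what the canonicalization under discussion does: on x86-64, bits 63:48 of a linear address must copy bit 47, and a fuzzer input that violates this for %rip or %rsp faults before the emulator does anything useful. The `struct regs` and `sanitize_regs()` below are hypothetical stand-ins for the fuzzer's state and its sanitize_input(); they canonicalize %rip and %rsp and leave %rbp untouched, as the patch proposes.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* x86-64 linear addresses are 48 bits wide, sign-extended into bits 63:48. */
#define ADDR_BITS 48
#define SIGN_BIT  (1ULL << (ADDR_BITS - 1))
#define LOW_MASK  ((1ULL << ADDR_BITS) - 1)

/* Force an address into canonical form (defined, mask-only arithmetic). */
static uint64_t canonicalize(uint64_t addr)
{
    if (addr & SIGN_BIT)
        return addr | ~LOW_MASK;   /* upper-half address: set bits 63:48 */
    return addr & LOW_MASK;        /* lower-half address: clear them */
}

static bool is_canonical(uint64_t addr)
{
    return canonicalize(addr) == addr;
}

/* Hypothetical register block: only the fields this example needs. */
struct regs { uint64_t rip, rsp, rbp; };

/*
 * Hypothetical sanitize step mirroring the patch's intent: %rip and %rsp are
 * always made canonical (so instruction fetch and stack accesses can proceed),
 * while %rbp is left exactly as the fuzzer supplied it.  Returns the number
 * of registers that were actually changed.
 */
static int sanitize_regs(struct regs *r)
{
    int changed = 0;
    uint64_t v;

    v = canonicalize(r->rip); changed += (v != r->rip); r->rip = v;
    v = canonicalize(r->rsp); changed += (v != r->rsp); r->rsp = v;
    return changed;
}

int main(void)
{
    /* Constructed sample: non-canonical %rip, canonical %rsp, garbage %rbp. */
    struct regs r = { 0x1234800000001000ULL, 0x00007ffffffff000ULL, 0xdead000000000000ULL };
    int n = sanitize_regs(&r);

    printf("changed=%d rip=%#llx rsp=%#llx rbp=%#llx\n", n,
           (unsigned long long)r.rip, (unsigned long long)r.rsp, (unsigned long long)r.rbp);
    return 0;
}
```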
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel
