Re: [kernel-hardening] Re: [PATCH v2 2/3] Mark functions with the __nocapture attribute

From: Kees Cook
Date: Tue Jul 12 2016 - 15:47:25 EST

Next message: atull: "Re: [PATCH v18 0/6] Device Tree support for FPGA Programming"
Previous message: Alan Tull: "[PATCH 1/2] ARM: socfpga: add bindings doc for arria10 fpga manager"
In reply to: Daniel Micay: "Re: [kernel-hardening] Re: [PATCH v2 2/3] Mark functions with the __nocapture attribute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jul 12, 2016 at 3:23 PM, Daniel Micay <danielmicay@xxxxxxxxx> wrote:
> On Tue, 2016-07-12 at 15:08 -0400, Kees Cook wrote:
>> On Mon, Jul 4, 2016 at 7:42 PM, Emese Revfy <re.emese@xxxxxxxxx>
>> wrote:
>> >
>> > The nocapture gcc attribute can be on functions only.
>> > The attribute takes one or more unsigned integer constants as
>> > parameters
>> > that specify the function argument(s) of const char* type to
>> > initify.
>> > If the marked argument is a vararg then the plugin initifies
>> > all vararg arguments.
>>
>> Why is this called "nocapture"? Not captured by what? It seems like
>> it
>> means "initify this if possible". Am I misunderstanding its purpose?
>
> It means they don't escape via that function, i.e. they aren't stored
> anywhere to be used in any way after the call.

Ah, those arguments are confirmed to not be "captured" by that
function, leaving them available to be moved to .init. Got it, thanks!

-Kees

--
Kees Cook
Chrome OS & Brillo Security

Next message: atull: "Re: [PATCH v18 0/6] Device Tree support for FPGA Programming"
Previous message: Alan Tull: "[PATCH 1/2] ARM: socfpga: add bindings doc for arria10 fpga manager"
In reply to: Daniel Micay: "Re: [kernel-hardening] Re: [PATCH v2 2/3] Mark functions with the __nocapture attribute"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]