Mailing List Archive

> Another story, the sad story of the intel chip (I think it was
> the 80188) where Intel made use of Int 5, which was documented
> as reserved. Unfortunately, Microsoft/IBM had used this for
> print screen or some such. Intel was absolutely right that
> their documentation was clear and it was wrong to have used
> these interrupts .. but the result was a warehouse of unused
> chips.

Not really. Just, no one used the BOUND instruction. All computers
running DOS (Intel, AMD, even the old NEC V20/V30 chips) still connect
INT 5 to Print Screen.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 6, 2008 at 8:23 AM, Jakub Jelinek <jakub@redhat.com> wrote:
> On Thu, Mar 06, 2008 at 07:50:12AM -0800, H. Peter Anvin wrote:
> > H.J. Lu wrote:
> > >I agree with it. There is no right or wrong here Let's start from
> > >scratch and figure out
> > >what is the best way to handle this, assuming we are defining a new psABI.
>
> BTW, just tested icc and icc doesn't generate cld either (so it matches the
> new gcc behavior).
> char buf1[32], buf2[32];
> void bar (void);
> void foo (void)
> {
> __builtin_memset (buf1, 0, 32);
> bar ();
> __builtin_memset (buf2, 0, 32);
> }
>

Icc follows the psABI. If we are saying icc/gcc 4.3 need a fix, we'd
better define
a new psABI first.

H.J.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

H.J. Lu wrote:
> On Thu, Mar 6, 2008 at 8:23 AM, Jakub Jelinek <jakub@redhat.com> wrote:
>> On Thu, Mar 06, 2008 at 07:50:12AM -0800, H. Peter Anvin wrote:
>> > H.J. Lu wrote:
>> > >I agree with it. There is no right or wrong here Let's start from
>> > >scratch and figure out
>> > >what is the best way to handle this, assuming we are defining a new psABI.
>>
>> BTW, just tested icc and icc doesn't generate cld either (so it matches the
>> new gcc behavior).
>> char buf1[32], buf2[32];
>> void bar (void);
>> void foo (void)
>> {
>> __builtin_memset (buf1, 0, 32);
>> bar ();
>> __builtin_memset (buf2, 0, 32);
>> }
>>
>
> Icc follows the psABI. If we are saying icc/gcc 4.3 need a fix, we'd
> better define
> a new psABI first.
>

Not a fix, an (optional) workaround for a system bug.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 6, 2008 at 9:06 AM, H. Peter Anvin <hpa@zytor.com> wrote:
>
> H.J. Lu wrote:
> > On Thu, Mar 6, 2008 at 8:23 AM, Jakub Jelinek <jakub@redhat.com> wrote:
> >> On Thu, Mar 06, 2008 at 07:50:12AM -0800, H. Peter Anvin wrote:
> >> > H.J. Lu wrote:
> >> > >I agree with it. There is no right or wrong here Let's start from
> >> > >scratch and figure out
> >> > >what is the best way to handle this, assuming we are defining a new psABI.
> >>
> >> BTW, just tested icc and icc doesn't generate cld either (so it matches the
> >> new gcc behavior).
> >> char buf1[32], buf2[32];
> >> void bar (void);
> >> void foo (void)
> >> {
> >> __builtin_memset (buf1, 0, 32);
> >> bar ();
> >> __builtin_memset (buf2, 0, 32);
> >> }
> >>
> >
> > Icc follows the psABI. If we are saying icc/gcc 4.3 need a fix, we'd
> > better define
> > a new psABI first.
> >
>
> Not a fix, an (optional) workaround for a system bug.
>

So that is the bug in the Linux kernel. Since fixing kernel is much easier
than providing a workaround in compilers, I think kernel should be fixed
and no need for icc/gcc fix.


H.J.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

H.J. Lu wrote:
>>
>> Not a fix, an (optional) workaround for a system bug.
>
> So that is the bug in the Linux kernel. Since fixing kernel is much easier
> than providing a workaround in compilers, I think kernel should be fixed
> and no need for icc/gcc fix.
>

The problem is, you're going to have to be able to produce binaries
compatible with old kernels for a *long* time for come. Are you
honestly saying you'll tell those people "use gcc 4.2 or earlier"? If
so, I think most distros will have to freeze gcc for the next several years.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

H.J. Lu wrote:

> So that is the bug in the Linux kernel. Since fixing kernel is much easier
> than providing a workaround in compilers, I think kernel should be fixed
> and no need for icc/gcc fix.

Fixing a bug in the Linux kernel is not "much easier". You are taking
a purely engineering viewpoint, but life is not like that. There are
lots of copies of Linux kernels around and in use. The issue is not
fixing the kernel per se, it is propagating that change to all
Linux kernels in use -- THAT'S another matter entirely, and is
far far more difficult than making sure that a kernel fix is
qualified and widely proopagated.

>
>
> H.J.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Robert Dewar wrote:
>
> Sounds good, but has almost nothing to do with the real world. I
> remember back in Realia COBOL days, we had to carefully copy IBM
> bugs in the IBM mainframe COBOL compiler. Doing things right and
> fixing the bug would have been the right thing to do, but no one
> would have used Realia COBOL :-)
>
> Another story, the sad story of the intel chip (I think it was
> the 80188) where Intel made use of Int 5, which was documented
> as reserved. Unfortunately, Microsoft/IBM had used this for
> print screen or some such. Intel was absolutely right that
> their documentation was clear and it was wrong to have used
> these interrupts .. but the result was a warehouse of unused
> chips.

IBM used it for print screen (and other calls), because Microsoft
cassette BASIC used all the non-reserved INT instructions as byte codes
(they cut it down to *only* half the interrupt vectors in the disk version.)

We're still stuck with the consequences of that hack.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Robert Dewar wrote:
> H.J. Lu wrote:
>
>> So that is the bug in the Linux kernel. Since fixing kernel is much
>> easier
>> than providing a workaround in compilers, I think kernel should be fixed
>> and no need for icc/gcc fix.
>
> Fixing a bug in the Linux kernel is not "much easier". You are taking
> a purely engineering viewpoint, but life is not like that. There are
> lots of copies of Linux kernels around and in use. The issue is not
> fixing the kernel per se, it is propagating that change to all
> Linux kernels in use -- THAT'S another matter entirely, and is
> far far more difficult than making sure that a kernel fix is
> qualified and widely proopagated.
>

Not really, it's just a matter of time. Typical distro cycles are on
the order of 3 years.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 6, 2008 at 9:17 AM, H. Peter Anvin <hpa@zytor.com> wrote:
> H.J. Lu wrote:
> >>
> >> Not a fix, an (optional) workaround for a system bug.
> >
> > So that is the bug in the Linux kernel. Since fixing kernel is much easier
> > than providing a workaround in compilers, I think kernel should be fixed
> > and no need for icc/gcc fix.
> >
>
> The problem is, you're going to have to be able to produce binaries
> compatible with old kernels for a *long* time for come. Are you
> honestly saying you'll tell those people "use gcc 4.2 or earlier"? If
> so, I think most distros will have to freeze gcc for the next several years.
>

Icc has been following psABI for years on Linux and it doesn't stop people
using icc on Linux. On the other hand, it may be a good idea to provide a
workaround in gcc and enables it by default. OSVs can fix thekernel and
disable it by default.

We can even issue a message whenever the workaround is used.

H.J.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 06, 2008 at 03:12:21PM +0100, Olivier Galibert wrote:
> On Thu, Mar 06, 2008 at 03:03:15PM +0100, Paolo Bonzini wrote:
> > Olivier Galibert wrote:
> > >On Wed, Mar 05, 2008 at 05:12:07PM -0800, H. Peter Anvin wrote:
> > >>It's a kernel bug, and it needs to be fixed.
> > >
> > >I'm not convinced. It's been that way for 15 years, it's that way in
> > >the BSD kernels, at that point it's a feature. The bug is in the
> > >documentation, nowhere else. And in gcc for blindly trusting the
> > >documentation.
> >
> > No, the bug *in the kernel* was already present (if you had a signal
> > raised during a call to memmove). It's just more visible with GCC 4.3.
>
> I'm curious, since when paper documentation became the Truth and
> reality became a bug?

If the kernel allows state to leak from one process to another,
for example from a process running as root to a process running as an
ordinary user, it's a bug, with possible security implications.

In this particular case not much can be communicated through a one-bit
flag, so it would only be relevant in those situations where you want
to forbid any communication channels from a given process. So the
kernel developers might consider it a trivial bug. Or, they could just
fix it, which I understand is the plan.


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 06, 2008 at 09:58:41AM -0800, Joe Buck wrote:
> If the kernel allows state to leak from one process to another,
> for example from a process running as root to a process running as an
> ordinary user, it's a bug, with possible security implications.

I don't think that it is relevant in your case. If you have the
signal handler in something that does not share the VM with the
interrupted thread, you will have a context switch which is supposed
to store the direction flag and restore the one from the handling
thread. If you share the VM there is no context switch but you have
access to the exact same memory with the exact same rights, making the
leak irrelevant.

OG.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Olivier Galibert wrote:
> On Thu, Mar 06, 2008 at 09:58:41AM -0800, Joe Buck wrote:
>> If the kernel allows state to leak from one process to another,
>> for example from a process running as root to a process running as an
>> ordinary user, it's a bug, with possible security implications.
>
> I don't think that it is relevant in your case. If you have the
> signal handler in something that does not share the VM with the
> interrupted thread, you will have a context switch which is supposed
> to store the direction flag and restore the one from the handling
> thread. If you share the VM there is no context switch but you have
> access to the exact same memory with the exact same rights, making the
> leak irrelevant.

A process can send a signal via kill. IOW, a malicious process can
*control when the process would be interrupted* in order to get it into
the signal handler with DF=1.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 06, 2008 at 07:13:20PM +0100, Paolo Bonzini wrote:
> A process can send a signal via kill. IOW, a malicious process can
> *control when the process would be interrupted* in order to get it into
> the signal handler with DF=1.

If the malicious process can send a signal to another process, it
could also ptrace() it. Which is more useful, if you wanted to be
malicious?

Jack
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On 3/6/08, Jack Lloyd <lloyd@randombit.net> wrote:
> On Thu, Mar 06, 2008 at 07:13:20PM +0100, Paolo Bonzini wrote:
> > A process can send a signal via kill. IOW, a malicious process can
> > *control when the process would be interrupted* in order to get it into
> > the signal handler with DF=1.
>
> If the malicious process can send a signal to another process, it
> could also ptrace() it. Which is more useful, if you wanted to be
> malicious?

And more to the point, it can happen before GCC 4.3.0. So why does
GCC have do something that just happens more often now? I still don't
see why we have to work around a bug in the kernel which could show up
before GCC 4.3.0.

-- Pinski
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

H. Peter Anvin wrote:
> Robert Dewar wrote:
>> H.J. Lu wrote:
>>
>>> So that is the bug in the Linux kernel. Since fixing kernel is much
>>> easier
>>> than providing a workaround in compilers, I think kernel should be fixed
>>> and no need for icc/gcc fix.
>> Fixing a bug in the Linux kernel is not "much easier". You are taking
>> a purely engineering viewpoint, but life is not like that. There are
>> lots of copies of Linux kernels around and in use. The issue is not
>> fixing the kernel per se, it is propagating that change to all
>> Linux kernels in use -- THAT'S another matter entirely, and is
>> far far more difficult than making sure that a kernel fix is
>> qualified and widely proopagated.
>>
>
> Not really, it's just a matter of time. Typical distro cycles are on
> the order of 3 years.
>
> -hpa

again, in the real world, there are MANY projects that are nothing
like this interactive when it comes to moving to new versions of
operating systems.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

H.J. Lu wrote:

> Icc has been following psABI for years on Linux and it doesn't stop people
> using icc on Linux. On the other hand, it may be a good idea to provide a
> workaround in gcc and enables it by default. OSVs can fix thekernel and
> disable it by default.

How widely is icc used? I ask because we have not encocuntered one
customer using icc. We have huge numbers of customers using gcc, and
many using proprietary compilers from Sun, DEC etc, but never an icc
user?
>
> We can even issue a message whenever the workaround is used.
>
> H.J.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Jack Lloyd wrote:
> On Thu, Mar 06, 2008 at 07:13:20PM +0100, Paolo Bonzini wrote:
>> A process can send a signal via kill. IOW, a malicious process can
>> *control when the process would be interrupted* in order to get it into
>> the signal handler with DF=1.
>
> If the malicious process can send a signal to another process, it
> could also ptrace() it. Which is more useful, if you wanted to be
> malicious?

1) capabilities(7)

2) sometimes setuid programs send signals (e.g. SIGHUP or SIGUSR1)...

Paolo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

>> If the malicious process can send a signal to another process, it
>> could also ptrace() it. Which is more useful, if you wanted to be
>> malicious?
>
> And more to the point, it can happen before GCC 4.3.0.

Yes, and that's why the kernel should just fix it, and the fix should be
backported and treated like any other security fix.

Paolo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Thu, Mar 06, 2008 at 08:43:27PM +0100, Paolo Bonzini wrote:
> Jack Lloyd wrote:
> >On Thu, Mar 06, 2008 at 07:13:20PM +0100, Paolo Bonzini wrote:
> >>A process can send a signal via kill. IOW, a malicious process can
> >>*control when the process would be interrupted* in order to get it into
> >>the signal handler with DF=1.
> >
> >If the malicious process can send a signal to another process, it
> >could also ptrace() it. Which is more useful, if you wanted to be
> >malicious?
>
> 1) capabilities(7)

Ah you are right, I misinterpreted something from the man page
("non-root processes cannot trace processes that they cannot send
signals to") to mean something it did not (basically, that CAP_KILL
implied CAP_SYS_PTRACE, which from reading the kernel source is
clearly not the case...)

But still: so the threat here is of a malicious process with the
ability to send arbitrary signals to any process using CAP_KILL (since
in any other case when a process can send a signal, it can do much
more damage in other ways), which could leverage that into
(potentially) uid==0 using misexecuted code in a signal handler.

As a correctness issue, obviously this should be fixed/patched around,
if feasible. But as a security flaw? I'm not seeing much that is
compelling.

> 2) sometimes setuid programs send signals (e.g. SIGHUP or SIGUSR1)

I don't understand how this is a problem - unless these setuid
programs, while not malicious, can be tricked into signalling a
process they did not intend to. (In which case they already have a
major bug, df bit being cleared or not).

-Jack
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Robert Dewar wrote:
>>
>> Not really, it's just a matter of time. Typical distro cycles are on
>> the order of 3 years.
>>
>> -hpa
>
> again, in the real world, there are MANY projects that are nothing
> like this interactive when it comes to moving to new versions of
> operating systems.

This is true, but beyond a certain point projects generally accept that
they have to monitor their toolchain dependencies.

-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Jack Lloyd wrote:
> But still: so the threat here is of a malicious process with the
> ability to send arbitrary signals to any process using CAP_KILL (since
> in any other case when a process can send a signal, it can do much
> more damage in other ways), which could leverage that into
> (potentially) uid==0 using misexecuted code in a signal handler.
>
> As a correctness issue, obviously this should be fixed/patched around,
> if feasible. But as a security flaw? I'm not seeing much that is
> compelling.
>
>> 2) sometimes setuid programs send signals (e.g. SIGHUP or SIGUSR1)
>
> I don't understand how this is a problem - unless these setuid
> programs, while not malicious, can be tricked into signalling a
> process they did not intend to. (In which case they already have a
> major bug, df bit being cleared or not).

think apps keeping crypto keys etc in ram and wiping them from signal
handlers. eg gnupg does this; fortunately it seems to have moved from
memset() to a open coded solution, so probably isn't affected. OTOH
it wouldn't surprise me these days if the compiler would emit string
ops even w/o an explicit mem* call.
Copying a private memory region to some public buffer could also lead
to interesting results...
IOW being able to avoid a memset (or copying the wrong data) certainly
could have security consequences.

artur
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

"H. Peter Anvin" <hpa@zytor.com> writes:

> Robert Dewar wrote:
>> H.J. Lu wrote:
>>
>>> So that is the bug in the Linux kernel. Since fixing kernel is much
>>> easier
>>> than providing a workaround in compilers, I think kernel should be fixed
>>> and no need for icc/gcc fix.
>>
>> Fixing a bug in the Linux kernel is not "much easier". You are taking
>> a purely engineering viewpoint, but life is not like that. There are
>> lots of copies of Linux kernels around and in use. The issue is not
>> fixing the kernel per se, it is propagating that change to all
>> Linux kernels in use -- THAT'S another matter entirely, and is
>> far far more difficult than making sure that a kernel fix is
>> qualified and widely proopagated.
>>
>
> Not really, it's just a matter of time. Typical distro cycles are on
> the order of 3 years.

But distros release fixes regularly for their kernels - and adding a fix
for this issue with their next security update is something that is
possible for distros (at least for openSUSE ;-),

Andreas
--
Andreas Jaeger, Director Platform / openSUSE, aj@suse.de
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
Maxfeldstr. 5, 90409 Nürnberg, Germany
GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126

* Robert Dewar:

> again, in the real world, there are MANY projects that are nothing
> like this interactive when it comes to moving to new versions of
> operating systems.

Sure, but how many of those get to see software compiled with GCC 4.3?

If this has any real impact, it's more likely to show up in current
systems, where both kernel, libc and GCC are regularly updated, and GCC
happens to receive an update before the kernel.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

On Mar 6, 2008, Olivier Galibert <galibert@pobox.com> wrote:

> It's extremely rare, no doubt about it. It's just that it *yells*
> security issue in the making. It's not a source bug, i.e. not easily
> reviewable. It's related to signal handlers which are the mark of a
> server and/or more failure-conscious program than usual. It's obscure
> (breaking a stringop, probably memset, or a not-paranoid-enough inline
> asm in a signal handler through a running memmove in the main program,
> oh my) but reasonably predictable for someone looking for an
> exploitable flaw.

> It's gcc's job to adapt to the realities of its running environment,
> not the other way around.

I smell a false dilemma here.

The problem doesn't have to be fixed/worked-around in either the
kernel or GCC. Per your argument, one might claim it's the userland
library's, or even the application's job to adapt to the realities of
its running environment.

GCC doesn't know what functions are signal handlers to insert cld in
them. How could it fix the problem, then? How could it possibly fix
custom assembly? How could it possibly fix object code containing
signal handlers, compiled by other compilers?

A userland system library, in theory, knows what functions are signal
handlers. It could wrap function pointers passed as arguments to
signal() such that they get cld. But then, applications that couldn't
care less about this would take a hit.

Applications, on the other hand, know when they might need cld. So,
per your argument, they should adapt to the realities of their running
environment, and add asm("cld"); to signal handlers that might need
it. At times, it may be hard for them to know whether they need it,
because too many factors may affect this need. E.g.:

- if the kernel does cld for them, then they don't need it. But
that's a run-time property, so it can't be tested at build time: the
code may run on a different kernel that doesn't do it.

- if none of the libraries they use mess with this flag, or none of
the libraries they use from signal handlers depend on this flag, then
they don't need it. But then, again, libraries may vary over time,
and you can't assume the (dynamic) library that's available at build
time will behave the same way at run time.

So an application would have to do it conservatively, adding cld to
their signal handlers just in case.

But then, it would be more convenient if the library did it.

And then, by the same argument, it would be more convenient if the
kernel did it.

(Compiler can't do it, since it doesn't know what's a signal handler
in the general case.)

And that's an argument to support the ABI specs as they are.

It would be just silly to try to work around this deviation from the
specs, at a performance penalty, in every affected compiler, library
*and* application. And anything less than fixing all of them would be
an incomplete work around.

Which is not an argument against providing work arounds where
possible, just an argument in favor of fixing the problem where it can
be fixed for good.

--
Alexandre Oliva http://www.lsd.ic.unicamp.br/~oliva/
FSF Latin America Board Member http://www.fsfla.org/
Red Hat Compiler Engineer aoliva@{redhat.com, gcc.gnu.org}
Free Software Evangelist oliva@{lsd.ic.unicamp.br, gnu.org}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/