| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Jan 2016 18:30:29 -0700 From: Jeff Merkey <linux.mdb@...il.com> To: Andy Lutomirski <luto@...capital.net> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, Thomas Gleixner <tglx@...utronix.de>, Ingo Molnar <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>, X86 ML <x86@...nel.org>, Peter Zijlstra <peterz@...radead.org>, Andy Lutomirski <luto@...nel.org>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, Steven Rostedt <rostedt@...dmis.org>, Borislav Petkov <bp@...en8.de>, Jiri Olsa <jolsa@...nel.org> Subject: Re: [GIT PULL v4.5] Fix INT1 recursion with unregistered breakpoints On 1/11/16, Andy Lutomirski <luto@...capital.net> wrote: > On Mon, Jan 11, 2016 at 4:44 PM, Jeff Merkey <linux.mdb@...il.com> wrote: >> Hi Thomas, >> >> I agree with #2, we should clear the breakpoint. As for #1, if >> there's an execute breakpoint it MUST be cleared or it will just fire >> off again when it sees the iretd from the int1 exception handler. I >> do use the breakpoint API Thomas, this showed up while debugging and >> testing the API with "lazy debug register switching". >> >> So do you want me to expand the patch and clear the breakpoint? Just >> give the word and I'll get busy and GIT -R- DONE. > > It seems to me that you're papering over some issue instead of fixing > the root cause. If you're using the API, then either you're doing it > wrong or the API is broken. Can you figure out which and fix it? > > --Andy > Andy, Linux should not crash because someone triggered a breakpoint or one got triggered due to a program leaving some bits lying in a read only register (DR6) which for some strange reason someone in the linux world decided could be used as local storage and to pass arguments between subsystems - a register intel designed to be read from for status. I did not design what's in that API, I have to live with it. So all I am asking is that we fix this issue. It does not matter to my debugger is this is fixed or not in Linux, since I carry the fix in my patch, but it does matter to the overall robustness of Linux. If someone triggers a breakpoint or one gets triggered due to the API, Linux won't crash, just print a log message. So what's the big deal about this small and modest change to prevent that. It makes Linux more robust. If you have suggestions on what items you want to see added to this commit or possibly other commits to address these other areas, please let me know, and I am happy to code them. Jeff
Powered by blists - more mailing lists