lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7dfef7b1-8c5a-dd0a-2653-15a9c656f111@huawei.com>
Date: Tue, 5 Mar 2024 11:12:41 +0800
From: Jiangfeng Xiao <xiaojiangfeng@...wei.com>
To: Jann Horn <jannh@...gle.com>
CC: <gustavoars@...nel.org>, <akpm@...ux-foundation.org>,
	<jpoimboe@...nel.org>, <peterz@...radead.org>, <dave.hansen@...ux.intel.com>,
	<kirill.shutemov@...ux.intel.com>, <keescook@...omium.org>,
	<linux-kernel@...r.kernel.org>, <linux-hardening@...r.kernel.org>,
	<linux-mm@...ck.org>, <nixiaoming@...wei.com>, <kepler.chenxin@...wei.com>,
	<wangbing6@...wei.com>, <wangfangpeng1@...wei.com>, <douzhaolei@...wei.com>
Subject: Re: [PATCH] usercopy: delete __noreturn from usercopy_abort



On 2024/3/5 10:54, Jiangfeng Xiao wrote:
> 
> 
> On 2024/3/4 23:15, Jann Horn wrote:
>> On Mon, Mar 4, 2024 at 3:02 AM Jiangfeng Xiao <xiaojiangfeng@...wei.com> wrote:
>>> When the last instruction of a noreturn function is a call
>>> to another function, the return address falls outside
>>> of the function boundary. This seems to cause kernel
>>> to interrupt the backtrace.
>> [...]
>>> Delete __noreturn from usercopy_abort,
>>
>> This sounds like the actual bug is in the backtracing logic? I don't
>> think removing __noreturn annotations from an individual function is a
>> good fix, since the same thing can happen with other __noreturn
>> functions depending on what choices the compiler makes.
>> .
>>
> Yes, you make a point. This may be a bug is in the backtracing logic, but
> the kernel backtracing always parses symbols using (lr) instead of (lr-4).
> This may be due to historical reasons or more comprehensive considerations.
> In addition, modifying the implementation logic of the kernel backtracing
> has a great impact. Therefore, I do not dare to modify the implementation
> logic of the kernel backtracing.
> 
> Not all noreturn functions are ended with calling other functions.
> Therefore, only a few individual functions may have the same problem.
> In addition, deleting '__noreturn' from usercopy_abort does not
> change the internal behavior of usercopy_abort function.
> Therefore, there is no risk. Deleting '__noreturn' from usercopy_abort
> is the solution that I can think of with minimal impact and minimum risk.
> 
> If you will submit a better patch to solve this problem,
> I would like to learn from you. Thank you.
> 
What are your suggestions on modifying the kernel backtracing logic
or deleting '__noretrun'? If you insist on modifying the kernel
backtracing logic and persuade me with good reasons, I can also try
to submit the patch for modifying the kernel backtracing logic
to the community.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ