| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3501c254c970c4dbd933022651622f79.squirrel@mail.sublimeip.com> Date: Wed, 21 Nov 2012 10:16:48 +1100 From: u3557@...o.sublimeip.com To: "Oleg Nesterov" <oleg@...hat.com> Cc: "Steven Rostedt" <rostedt@...dmis.org>, "Frederic Weisbecker" <fweisbec@...il.com>, "Ingo Molnar" <mingo@...hat.com>, "Peter Zijlstra" <a.p.zijlstra@...llo.nl>, "Amnon Shiloh" <u3557@...o.sublimeip.com>, linux-kernel@...r.kernel.org Subject: Re: [PATCH] arch_check_bp_in_kernelspace: fix the range check Hi Oleg, > Or. Perhaps we can define TRAP_VSYSCALL and change emulate_vsyscall() to > do > > > if (current->ptrace && test_thread_flag(TIF_SYSCALL_TRACE)) > send_sigtrap(TRAP_VSYSCALL, ...); > > if it returns true? > I wish it were possible, but the vsyscall page is entered in user-mode, where it is not possible to read either "current" or the per-thread flags. One nice alternative, however, is to take away the execute permission from the vsyscall page of the traced process, so it will incur a SIGSEGV (which the ptracer can easily handle and cancel). The drawbacks of this nice-to-have alternative are: 1) It may require a bigger patch. 2) It needs to use a separate ptrace option, because current applications that use PTRACE_SYSCALL (or PTRACE_SYSEMU), including "strace", will not be aware of this new feature, so they can be broken. > Yes, the tracee won't report _before_ it calls the function, but perhaps > this is enough? Amnon? The vsyscall page was designed in order to avoid user/kernel context switches, which is possible when a system-call is only reading kernel global information, not modifying any. In most cases therefore (with a few exceptions, such as when the hardware clock is broken or misconfigured), system-calls in the vsyscall page never invoke the kernel at all - so no trap would be generated either before or after. Best Regards, Amnon. > On 11/20, Oleg Nesterov wrote: >> >> On 11/19, Steven Rostedt wrote: >> > >> > Is this really what we want? >> >> I am not sure, that is why I am asking. > > Yes. > > And, > >> Well yes, with the new implementation __vsyscall_page simply does >> syscall, so I guess (say) strace will "just work". But, afaics, only >> if vsyscall_mode == NATIVE. >> >> So perhaps bp in vsyscall_page still makes sense... > > Or. Perhaps we can define TRAP_VSYSCALL and change emulate_vsyscall() to > do > > > if (current->ptrace && test_thread_flag(TIF_SYSCALL_TRACE)) > send_sigtrap(TRAP_VSYSCALL, ...); > > if it returns true? > > This way the debugger doesn't need to play with the debug registers, > it can use ptrace(PTRACE_SYSCALL). The tracee will report SIGTRAP after > vsyscall, debugger can detect this case looking at info->si_code. > > Yes, the tracee won't report _before_ it calls the function, but perhaps > this is enough? Amnon? > > Oleg. > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists