| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Jan 2013 17:54:19 +1100 From: u3557@...o.sublimeip.com To: "Oleg Nesterov" <oleg@...hat.com> Cc: "Pedro Alves" <palves@...hat.com>, u3557@...o.sublimeip.com, "Denys Vlasenko" <dvlasenk@...hat.com>, "Jan Kratochvil" <jan.kratochvil@...hat.com>, "Cyrill Gorcunov" <gorcunov@...nvz.org>, "Pavel Emelyanov" <xemul@...allels.com>, "Steven Rostedt" <rostedt@...dmis.org>, "Frederic Weisbecker" <fweisbec@...il.com>, "Ingo Molnar" <mingo@...hat.com>, "Peter Zijlstra" <a.p.zijlstra@...llo.nl>, linux-kernel@...r.kernel.org Subject: Re: PTRACE_SYSCALL && vsyscall (Was: arch_check_bp_in_kernelspace: fix the range check) Hi Everyone, > On 01/08, Pedro Alves wrote: >> >> On 12/04/2012 05:59 PM, Oleg Nesterov wrote: >> >> > But If we want to allow to trace vsyscall's, hw bp doesn't look very >> > nice imo. HBP_NUM = 4 and you need to setup 3 bp's to trace them all. >> >> Irrespective of the whole syscall tracing issue, allowing HW bkpts in >> the vsyscall just seems like a bug fix to me. > > And I never argued. I sent the patch iirc ;) Exactly, it is a bug and I am still waiting for it to be fixed in the Linux kernel. Fully emulating PTRACE_SYSCALL could also provide a suitable way to fix my problem, and it may also help others by saving them the need to program and waste x86 debug registers, but it doesn't change the fact that my problem is caused by a bug in the first place, which should be fixed in any case. Best Regards, Amnon. > >> > That is why I think PTRACE_SYSCALL should "simply work" somehow. And >> > so far I think that "just report syscall_exit with orig_ax = -1" is >> > the best (and simple) solution. >> >> If you report exit alone, you'll confuse current GDB into mistaking >> it for an enter, > > Sure. That is why I asked Jan. > >> > OK. We can do more. We can report both syscall_enter/exit and we can >> > change orig_ax/ax temporary to "fool" the tracer, so that everything >> > will look as a "normal" syscall. Like vsyscall_seccomp() does. >> > >> > But this needs much more changes. >> >> I'd just like to add, that if any new syscall related option is >> to be added, can we please just go all the way and add >> PTRACE_EVENT_SYSCALL_ENTER|PTRACE_EVENT_SYSCALL_EXIT instead? > > Oh yes, this was suggested many times. > > Oleg. > > -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists