lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 12 Jan 2015 15:28:12 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Pratyush Anand <panand@...hat.com>
Cc:	tixy@...aro.org, linux@....linux.org.uk, ananth@...ibm.com,
	sandeepa.prabhu@...aro.org, catalin.marinas@....com,
	will.deacon@....com, linux-kernel@...r.kernel.org,
	anil.s.keshavamurthy@...el.com, masami.hiramatsu.pt@...achi.com,
	wcohen@...hat.com, linux-arm-kernel@...ts.infradead.org
Subject: Re: [RFC 8/8] ARM64: Add uprobe support

On 01/12, Pratyush Anand wrote:
>
>
> On Friday 09 January 2015 11:29 PM, Oleg Nesterov wrote:
>> On 12/31, Pratyush Anand wrote:
>>>
>>> +int arch_uprobe_analyze_insn(struct arch_uprobe *auprobe, struct mm_struct *mm,
>>> +		unsigned long addr)
>>> +{
>>> +	probe_opcode_t insn;
>>> +
>>> +	insn = *(probe_opcode_t *)(&auprobe->insn[0]);
>>> +
>>> +	switch (arm_probe_decode_insn(insn, &auprobe->ainsn)) {
>>> +	case INSN_REJECTED:
>>> +		return -EINVAL;
>>> +
>>> +	case INSN_GOOD_NO_SLOT:
>>> +		auprobe->simulate = true;
>>> +		if (auprobe->ainsn.prepare)
>>> +			auprobe->ainsn.prepare(insn, &auprobe->ainsn);
>>> +		break;
>>> +
>>> +	case INSN_GOOD:
>>> +	default:
>>> +		break;
>>> +	}
>>> +
>>> +	return 0;
>>> +}
>>
>> forgot to mention... shouldn't it also check IS_ALIGNED(addr, AARCH64_INSN_SIZE) ?
>>
>> I do not know if unaligned insn address is valid on arm64 or not, but please
>
> AARCH64 instructions are always of fixed lenght ie 4 bytes. I do not see
> possibility of addr being unaligned. Please let me know, if I am missing
> something.

A user can write any offset into uprobe_events, and the generic code doesn't
check it is aligned.

>> note that at least it should not cross the page boundary, set_swbp() needs to
>> write AARCH64_INSN_SIZE == UPROBE_SWBP_INSN bytes and it assumes that this
>> should fit the single page.
>
> So, again I do not see the possibility of crossing of page boundary for
> any instruction address.

See above. So yes, it should really check IS_ALIGNED(AARCH64_INSN_SIZE).

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ