| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 31 Jan 2015 08:18:50 -0800
From: "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
To: Andy Lutomirski <luto@...capital.net>
Cc: Sasha Levin <sasha.levin@...cle.com>,
Borislav Petkov <bp@...en8.de>, X86 ML <x86@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Tony Luck <tony.luck@...el.com>,
Andi Kleen <andi@...stfloor.org>,
Josh Triplett <josh@...htriplett.org>,
Frédéric Weisbecker <fweisbec@...il.com>
Subject: Re: [PATCH] x86, traps: Fix ist_enter from userspace
On Sat, Jan 31, 2015 at 05:01:34AM -0800, Andy Lutomirski wrote:
> context_tracking_user_exit() has no effect if in_interrupt() returns true,
> so ist_enter() didn't work. Fix it by calling exception_enter(), and thus
> context_tracking_user_exit(), before incrementing the preempt count.
>
> This also adds an assertion that will catch the problem reliably if
> CONFIG_PROVE_RCU=y to help prevent the bug from being reintroduced.
>
> Fixes: 959274753857 x86, traps: Track entry into and exit from IST context
> Reported-by: Sasha Levin <sasha.levin@...cle.com>
> Signed-off-by: Andy Lutomirski <luto@...capital.net>
> ---
> arch/x86/kernel/traps.c | 25 ++++++++++++++++++-------
> 1 file changed, 18 insertions(+), 7 deletions(-)
>
> diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
> index 7176f84f95a4..c74f2f5652da 100644
> --- a/arch/x86/kernel/traps.c
> +++ b/arch/x86/kernel/traps.c
> @@ -110,15 +110,11 @@ static inline void preempt_conditional_cli(struct pt_regs *regs)
>
> enum ctx_state ist_enter(struct pt_regs *regs)
> {
> - /*
> - * We are atomic because we're on the IST stack (or we're on x86_32,
> - * in which case we still shouldn't schedule.
> - */
> - preempt_count_add(HARDIRQ_OFFSET);
> + enum ctx_state prev_state;
>
> if (user_mode_vm(regs)) {
> /* Other than that, we're just an exception. */
> - return exception_enter();
> + prev_state = exception_enter();
> } else {
> /*
> * We might have interrupted pretty much anything. In
> @@ -127,12 +123,27 @@ enum ctx_state ist_enter(struct pt_regs *regs)
> * but we need to notify RCU.
> */
> rcu_nmi_enter();
> - return IN_KERNEL; /* the value is irrelevant. */
> + prev_state = IN_KERNEL; /* the value is irrelevant. */
> }
> +
> + /*
> + * We are atomic because we're on the IST stack (or we're on x86_32,
> + * in which case we still shouldn't schedule).
> + *
> + * This must be after exception_enter(), because exception_enter()
> + * won't do anything if in_interrupt() returns true.
> + */
> + preempt_count_add(HARDIRQ_OFFSET);
So the reason we need this here is that ist_exit() does not have
access to the bits tested by user_mode_vm()? Or is the idea to
avoid an additional test in ist_exit()? (Wondering why this isn't
in the above "else" clause.)
Thanx, Paul
> +
> + /* This code is a bit fragile. Test it. */
> + rcu_lockdep_assert(rcu_is_watching(), "ist_enter didn't work");
> +
> + return prev_state;
> }
>
> void ist_exit(struct pt_regs *regs, enum ctx_state prev_state)
> {
> + /* Must be before exception_exit. */
> preempt_count_sub(HARDIRQ_OFFSET);
>
> if (user_mode_vm(regs))
> --
> 2.1.0
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists