| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Aug 2015 18:37:57 -0700 From: Andy Lutomirski <luto@...capital.net> To: Stas Sergeev <stsp@...t.ru> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Raymond Jennings <shentino@...il.com>, Cyrill Gorcunov <gorcunov@...il.com>, Pavel Emelyanov <xemul@...allels.com>, Linux kernel <linux-kernel@...r.kernel.org> Subject: Re: [regression] x86/signal/64: Fix SS handling for signals delivered to 64-bit programs breaks dosemu On Thu, Aug 13, 2015 at 6:32 PM, Stas Sergeev <stsp@...t.ru> wrote: > 14.08.2015 04:21, Andy Lutomirski пишет: > >> On Thu, Aug 13, 2015 at 5:50 PM, Stas Sergeev <stsp@...t.ru> wrote: >>> >>> 14.08.2015 03:27, Linus Torvalds пишет: >>>> >>>> On Thu, Aug 13, 2015 at 5:17 PM, Stas Sergeev <stsp@...t.ru> wrote: >>>>> >>>>> For example because you can as well do: >>>>> prctl(ARCH_SET_SIGNAL_SS, 0) >>>>> which will mean "restore ss in sighandler to its current value", >>>> >>>> I really think a prctl() is the wrong thing to do. >>>> >>>> If you want a signal handler to save/restore segments, I think it >>>> should be a SA_xyz flag to sigaction() (the way we have SA_RESTART >>> >>> Yes, I was proposing the new sigaction() flag in this thread >>> already too. But at the end, prctl() looks better to me because >>> it allows to pass the TLS value to use when restoring FS. >>> The thing is that I am trying to find the similar treatment for >>> both the SS and FS problems. If you don't think they need a >>> similar treatment, then perhaps the Andy's patch is enough. >>> >>>> etc). And off by default because of the obvious compatibility issues. >>> >>> Of course. >>> >>> So, what we have right now (in the latest Andy's patch) is: >>> 1. lar heuristics >>> 2. new uc_flags flag >>> >>> What it solves: dosemu's regression. >>> >>> What prctl() can give: >>> - fix to dosemu's regression >>> - fix to the TLS problem in the future >>> - no hack and heuristics >>> >>> With SA_xyz you can only solve the SS problem, so it is >>> probably not any better than the uc_flags things coded >>> up by Andy. >> >> I'm leaning slightly toward LAR heuristic + SA_SAVE_SS. > > Stop right here, doesn't the SA_xyz allow to avoid the > lar heuristic? Why would you still need the lar heuristic then? > Just call it SA_RESTORE_SS instead of SA_SAVE_SS, and > the lar heuristic is gone. The LAR heuristic is about five lines of code, and it makes signal delivery more reliable. Sure, we could gate the "regs->ss = __USER_DS" line on a flag, but why? > >> Unfortunately, I don't think we were clever enough to allow this to be >> probed easily -- we silently ignore unrecognized sa_flags bits. > > Big deal, check the kversion. :) Not so good. For example, if you made your DOSEMU patch to use the saved SS check the version, then the backported revert would break you. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists