| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <56EC0A89.3030606@arm.com> Date: Fri, 18 Mar 2016 14:02:49 +0000 From: James Morse <james.morse@....com> To: Pratyush Anand <panand@...hat.com> CC: David Long <dave.long@...aro.org>, Will Deacon <will.deacon@....com>, Catalin Marinas <catalin.marinas@....com>, Sandeepa Prabhu <sandeepa.s.prabhu@...il.com>, William Cohen <wcohen@...hat.com>, Steve Capper <steve.capper@...aro.org>, linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org, Marc Zyngier <marc.zyngier@....com>, Dave P Martin <Dave.Martin@....com>, Mark Rutland <mark.rutland@....com>, Robin Murphy <Robin.Murphy@....com>, Ard Biesheuvel <ard.biesheuvel@...aro.org>, Jens Wiklander <jens.wiklander@...aro.org>, Christoffer Dall <christoffer.dall@...aro.org>, Alex Bennée <alex.bennee@...aro.org>, Yang Shi <yang.shi@...aro.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Viresh Kumar <viresh.kumar@...aro.org>, "Suzuki K. Poulose" <suzuki.poulose@....com>, Kees Cook <keescook@...omium.org>, Zi Shen Lim <zlim.lnx@...il.com>, John Blackwood <john.blackwood@...r.com>, Feng Kan <fkan@....com>, Balamurugan Shanmugam <bshanmugam@....com>, Vladimir Murzin <Vladimir.Murzin@....com>, Mark Salyzyn <salyzyn@...roid.com>, Petr Mladek <pmladek@...e.com>, Andrew Morton <akpm@...ux-foundation.org>, Mark Brown <broonie@...nel.org> Subject: Re: [PATCH v11 3/9] arm64: add copy_to/from_user to kprobes blacklist Hi Pratyush, On 18/03/16 13:29, Pratyush Anand wrote: > Probably, I can see why does not it work. So, when we are single stepping an > instruction and page fault occurs, we will come to el1_da in entry.S. Here, we > do enable_dbg. As soon as we will do this, we will start receiving single step > exception after each instruction (not sure, probably for each alternate > instruction). Since, there will not be any matching single step handler for > these instructions, so we will see warning "Unexpected kernel single-step > exception at EL1". > > So, I think, we should > > (1) may be do not enable debug for el1_da, or > (2) enable_dbg only when single stepping is not enabled, or > (3) or disable single stepping during el1_da execution. > > (1) will solve the issue for sure, but not sure if it could be the best choice. A variation on (3): In kernel/entry.S when entered from EL0 we test for TIF_SINGLESTEP in the thread_info flags, and use disable_step_tsk/enable_step_tsk to save/restore the single-step state. Could we do this regardless of which EL we came from? Thanks, James
Powered by blists - more mailing lists