lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 25 Apr 2016 10:39:56 +0200
From:	Petr Mladek <pmladek@...e.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Huang Shijie <shijie.huang@....com>, steve.capper@....com,
	linux-kernel@...r.kernel.org, masami.hiramatsu.pt@...achi.com,
	nd@....com
Subject: Re: [PATCH] kprobes: add the "tls" argument for j_do_fork

On Fri 2016-04-22 13:58:12, Andrew Morton wrote:
> On Thu, 14 Apr 2016 17:16:40 +0800 Huang Shijie <shijie.huang@....com> wrote:
> 
> > The patch "3033f14a clone: support passing tls argument via C rather ..."
> > added the tls argument for _do_fork(). The patch adds the "tls" argument
> > for j_do_fork to make it match  _do_fork().
> > 
> > ...
> >
> > --- a/samples/kprobes/jprobe_example.c
> > +++ b/samples/kprobes/jprobe_example.c
> > @@ -25,7 +25,7 @@
> >  /* Proxy routine having the same arguments as actual _do_fork() routine */
> >  static long j_do_fork(unsigned long clone_flags, unsigned long stack_start,
> >  	      unsigned long stack_size, int __user *parent_tidptr,
> > -	      int __user *child_tidptr)
> > +	      int __user *child_tidptr, unsigned long tls)
> >  {
> >  	pr_info("jprobe: clone_flags = 0x%lx, stack_start = 0x%lx "
> >  		"stack_size = 0x%lx\n", clone_flags, stack_start, stack_size);
> 
> The changelog failed to tell us what are the runtime effects of this
> bug.  Please always include this info so that others can decide
> which kernel version(s) need fixing.

It does not have any visible effects on x86_64. I am not 100% sure
but I think that in the worst case it would print a garbage
but it should not break anything on any other architecture.

The point is that the probe prints only the first 3 arguments.
Therefore as long as these three argumetns are passed the same way
in a function with 5 or 6 argumetns, it should print the right
values.

It prints direct values (not via a pointer), so it should _not_
cause any out of memory access.

Finally, AFAIK, jprobes restore the original stack and registers
when they go back to the original code. So, this "broken" probe
should not cause any harm.

But it is worth fixing, definitely.

Best Regards,
Petr

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ