| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180511023703.GA18521@lerouge>
Date: Fri, 11 May 2018 04:37:05 +0200
From: Frederic Weisbecker <frederic@...nel.org>
To: Andy Lutomirski <luto@...nel.org>
Cc: Mark Rutland <mark.rutland@....com>,
LKML <linux-kernel@...r.kernel.org>,
Jiri Olsa <jolsa@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
Peter Zijlstra <peterz@...radead.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Yoshinori Sato <ysato@...rs.sourceforge.jp>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Catalin Marinas <catalin.marinas@....com>,
Chris Zankel <chris@...kel.net>,
Paul Mackerras <paulus@...ba.org>,
Thomas Gleixner <tglx@...utronix.de>,
Will Deacon <will.deacon@....com>,
Michael Ellerman <mpe@...erman.id.au>,
Rich Felker <dalias@...c.org>, Ingo Molnar <mingo@...nel.org>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Max Filippov <jcmvbkbc@...il.com>
Subject: Re: [PATCH 4/9] arm: Split breakpoint validation into "check" and
"commit"
On Wed, May 09, 2018 at 07:51:28PM +0000, Andy Lutomirski wrote:
> On Wed, May 9, 2018 at 4:33 AM Mark Rutland <mark.rutland@....com> wrote:
>
> > On Tue, May 08, 2018 at 12:13:23PM +0100, Mark Rutland wrote:
> > > Hi Frederick,
> > >
> > > On Sun, May 06, 2018 at 09:19:50PM +0200, Frederic Weisbecker wrote:
> > > > The breakpoint code mixes up attribute check and commit into a single
> > > > code entity. Therefore the validation may return an error due to
> > > > incorrect atributes while still leaving halfway modified architecture
> > > > breakpoint struct.
> > > >
> > > > Prepare fox fixing this misdesign and separate both logics.
> > >
> > > Could you elaborate on what the problem is? I would have expected that
> > > when arch_build_bp_info() returns an error code, we wouldn't
> > > subsequently use the arch_hw_breakpoint information. Where does that
> > > happen?
>
> > From digging, I now see that this is a problem when
> > modify_user_hw_breakpoint() is called on an existing breakpoint. It
> > would be nice to mention that in the commit message.
>
> > > I also see that the check and commit hooks have to duplicate a
> > > reasonable amount of logic, e.g. the switch on bp->attr.type. Can we
> > > instead refactor the existing arch_build_bp_info() hooks to use a
> > > temporary arch_hw_breakpoint, and then struct assign it after all the
> > > error cases, > e.g.
> > >
> > > static int arch_build_bp_info(struct perf_event *bp)
> > > {
> > > struct arch_hw_breakpoint hbp;
> > >
> > > if (some_condition(bp))
> > > hbp->field = 0xf00;
> > >
> > > switch (bp->attr.type) {
> > > case FOO:
> > > return -EINVAL;
> > > case BAR:
> > > hbp->other_field = 7;
> > > break;
> > > };
> > >
> > > if (failure_case(foo))
> > > return err;
> > >
> > > *counter_arch_bp(bp) = hbp;
> > > }
> > >
> > > ... or is that also problematic?
>
> > IIUC, this *would* work, but it is a little opaque.
>
> > Perhaps we could explicitly pass the temporary arch_hw_breakpoint in,
> > and have the core code struct-assign it after checking for errors?
>
> Hmm, maybe. OTOH, I'm not really convinced that arch_hw_breakpoint is even
> needed. x86 at least could probably just regenerate the DRn and DR7 bits
> on the fly as needed rather than caching them with basically no loss in
> performance.
I'm not sure, we would need to translate the length and types everytime we
schedule in/out a perf breakpoint event. Maybe it's not too much a big deal
but perf event sched in/out is something I would consider a fast path and
there is quite a few switch/case involved there.
Powered by blists - more mailing lists