Open Source and information security mailing list archives
 
Message-ID: <1529235613.4572.7.camel@gmx.de>
Date:   Sun, 17 Jun 2018 13:40:13 +0200
From:   Mike Galbraith <efault@....de>
To:     Alexey Dobriyan <adobriyan@...il.com>
Cc:     torvalds@...ux-foundation.org, tglx@...utronix.de,
        mingo@...nel.org, jpoimboe@...hat.com, adobriyan@...il.com,
        luto@...nel.org, peterz@...radead.org, brgerst@...il.com,
        hpa@...or.com, linux-kernel@...r.kernel.org, dvlasenk@...hat.com,
        h.peter.anvin@...el.com, bp@...en8.de,
        linux-tip-commits <linux-tip-commits@...r.kernel.org>
Subject: Re: [tip:x86/pti] x86/asm: Pad assembly functions with INT3
 instructions

On Mon, 2018-05-14 at 05:53 -0700, tip-bot for Alexey Dobriyan wrote:
> Commit-ID:  51bad67ffbce0aaa44579f84ef5d05597054ec6a
> Gitweb:     https://git.kernel.org/tip/51bad67ffbce0aaa44579f84ef5d05597054ec6a
> Author:     Alexey Dobriyan <adobriyan@...il.com>
> AuthorDate: Tue, 8 May 2018 00:37:55 +0300
> Committer:  Ingo Molnar <mingo@...nel.org>
> CommitDate: Mon, 14 May 2018 11:43:03 +0200
> 
> x86/asm: Pad assembly functions with INT3 instructions
> 
> Use INT3 instead of NOP. All that padding between functions is
> an illegal area, no legitimate code should jump into it.

Is dinky patchlet suggesting cryptomgr is being naughty?

(revert silences spew, but..)

...
[   21.041608] int3: 0000 [#1] SMP PTI
[   21.041754] CPU: 3 PID: 935 Comm: cryptomgr_test Tainted: G            E     4.17.0.g075a1d3-tip-default #146
[   21.041888] Hardware name: MEDION MS-7848/MS-7848, BIOS M7848W08.20C 09/23/2013
[   21.042035] RIP: 0010:crypto_aegis128_aesni_enc_tail+0x74/0x80 [aegis128_aesni]
[   21.042171] Code: 38 dc ca 66 0f 38 dc d3 66 0f 38 dc de 66 0f ef e5 f3 0f 7f 27 f3 0f 7f 47 10 f3 0f 7f 4f 20 f3 0f 7f 57 30 f3 0f 7f 5f 40 cc <cc> cc cc cc cc cc cc cc cc cc cc cc 48 83 fe 10 0f 82 c3 03 00 00 
[   21.042333] RSP: 0018:ffff963f81ee79b8 EFLAGS: 00000246
[   21.042485] RAX: ffffffffc0985950 RBX: 0000000000000001 RCX: ffff8a3ab90d6000
[   21.042640] RDX: ffff8a3ab90d6000 RSI: 0000000000000001 RDI: ffff963f81ee7af0
[   21.042792] RBP: ffff963f81ee7a90 R08: 0000000000000001 R09: ffff8a3ab90d6000
[   21.042953] R10: c1267690ad7d2d9e R11: 00000000ffffffe0 R12: ffff8a3ab90d6000
[   21.043100] R13: ffffffffc0987040 R14: ffff963f81ee7af0 R15: ffff8a3ab90d6000
[   21.043250] FS:  0000000000000000(0000) GS:ffff8a3adecc0000(0000) knlGS:0000000000000000
[   21.043405] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.043554] CR2: 00007f2e169c4010 CR3: 00000001f700a005 CR4: 00000000001606e0
[   21.043704] Call Trace:
[   21.043854]  ? crypto_aegis128_aesni_process_crypt+0x8a/0xc0 [aegis128_aesni]
[   21.044004]  ? crypto_aegis128_aesni_crypt+0x238/0x440 [aegis128_aesni]
[   21.044156]  ? crypto_aegis128_aesni_crypt+0x238/0x440 [aegis128_aesni]
[   21.044311]  ? crypto_aegis128_aesni_encrypt+0x62/0xb0 [aegis128_aesni]
[   21.044454]  ? crypto_aegis128_aesni_encrypt+0x62/0xb0 [aegis128_aesni]
[   21.044597]  ? crypto_aead_setauthsize+0x23/0x40
[   21.044739]  ? __test_aead+0x632/0x15d0
[   21.044884]  ? crypto_aegis128_aesni_crypt+0x440/0x440 [aegis128_aesni]
[   21.045026]  ? __test_aead+0x632/0x15d0
[   21.045167]  ? crypto_alloc_tfm+0x52/0xf0
[   21.045308]  ? crypto_acomp_scomp_free_ctx+0x30/0x30
[   21.045449]  ? crypto_create_tfm+0x32/0xe0
[   21.045594]  ? crypto_acomp_scomp_free_ctx+0x30/0x30
[   21.045734]  ? crypto_acomp_scomp_free_ctx+0x30/0x30
[   21.045877]  ? test_aead+0x21/0xa0
[   21.046015]  ? alg_test_aead+0x3f/0xa0
[   21.046154]  ? alg_test.part.13+0x170/0x370
[   21.046291]  ? pick_next_task_fair+0x134/0x5d0
[   21.046426]  ? __switch_to+0x92/0x4b0
[   21.046565]  ? finish_task_switch+0x7f/0x2d0
[   21.046701]  ? __schedule+0x2b8/0x860
[   21.046833]  ? crypto_acomp_scomp_free_ctx+0x30/0x30
[   21.046963]  ? cryptomgr_test+0x40/0x50
[   21.047092]  ? kthread+0x11e/0x140
[   21.047221]  ? kthread_associate_blkcg+0xb0/0xb0
[   21.047350]  ? ret_from_fork+0x3a/0x50
[   21.047478] Modules linked in: aegis128_aesni(E+) snd_timer(E) crct10dif_pclmul(E) r8169(E) snd(E) crc32_pclmul(E) mii(E) iTCO_wdt(E) ghash_clmulni_intel(E) iTCO_vendor_support(E) pcbc(E) gpio_ich(E) aesni_intel(E) soundcore(E) aes_x86_64(E) lpc_ich(E) crypto_simd(E) mei_me(E) cryptd(E) mfd_core(E) i2c_i801(E) mei(E) glue_helper(E) pcspkr(E) thermal(E) intel_smartconnect(E) fan(E) nfsd(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E) sunrpc(E) sch_fq_codel(E) sr_mod(E) cdrom(E) hid_logitech_hidpp(E) hid_logitech_dj(E) uas(E) usb_storage(E) hid_generic(E) usbhid(E) nouveau(E) wmi(E) i2c_algo_bit(E) drm_kms_helper(E) syscopyarea(E) xhci_pci(E) sysfillrect(E) sysimgblt(E) fb_sys_fops(E) ahci(E) ttm(E) ehci_pci(E) libahci(E) xhci_hcd(E) ehci_hcd(E) libata(E) drm(E) usbcore(E) video(E) button(E) sd_mod(E)
[   21.048064]  vfat(E) fat(E) virtio_blk(E) virtio_mmio(E) virtio_pci(E) virtio_ring(E) virtio(E) ext4(E) crc32c_intel(E) crc16(E) mbcache(E) jbd2(E) loop(E) sg(E) dm_multipath(E) dm_mod(E) scsi_dh_rdac(E) scsi_dh_emc(E) scsi_dh_alua(E) scsi_mod(E) efivarfs(E)
[   21.048396] Dumping ftrace buffer:
[   21.048556]    (ftrace buffer empty)
[   21.048726] ---[ end trace 8cdd2dd0a107e807 ]---
[   21.048901] RIP: 0010:crypto_aegis128_aesni_enc_tail+0x74/0x80 [aegis128_aesni]
[   21.049051] Code: 38 dc ca 66 0f 38 dc d3 66 0f 38 dc de 66 0f ef e5 f3 0f 7f 27 f3 0f 7f 47 10 f3 0f 7f 4f 20 f3 0f 7f 57 30 f3 0f 7f 5f 40 cc <cc> cc cc cc cc cc cc cc cc cc cc cc 48 83 fe 10 0f 82 c3 03 00 00 
[   21.049224] RSP: 0018:ffff963f81ee79b8 EFLAGS: 00000246
[   21.049390] RAX: ffffffffc0985950 RBX: 0000000000000001 RCX: ffff8a3ab90d6000
[   21.049579] RDX: ffff8a3ab90d6000 RSI: 0000000000000001 RDI: ffff963f81ee7af0
[   21.049782] RBP: ffff963f81ee7a90 R08: 0000000000000001 R09: ffff8a3ab90d6000
[   21.049978] R10: c1267690ad7d2d9e R11: 00000000ffffffe0 R12: ffff8a3ab90d6000
[   21.050179] R13: ffffffffc0987040 R14: ffff963f81ee7af0 R15: ffff8a3ab90d6000
[   21.050377] FS:  0000000000000000(0000) GS:ffff8a3adecc0000(0000) knlGS:0000000000000000
[   21.050579] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   21.050777] CR2: 00007f2e169c4010 CR3: 00000001f700a005 CR4: 00000000001606e0
[   21.050981] BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:34
[   21.051183] in_atomic(): 1, irqs_disabled(): 0, pid: 935, name: cryptomgr_test
[   21.051390] CPU: 3 PID: 935 Comm: cryptomgr_test Tainted: G      D     E     4.17.0.g075a1d3-tip-default #146
[   21.051592] Hardware name: MEDION MS-7848/MS-7848, BIOS M7848W08.20C 09/23/2013
[   21.051799] Call Trace:
[   21.052002]  dump_stack+0x85/0xcb
[   21.052207]  ___might_sleep+0xd8/0x130
[   21.052412]  exit_signals+0x21/0x1c0
[   21.052612]  do_exit+0xa0/0xb60
[   21.052808]  ? cryptomgr_test+0x40/0x50
[   21.052999]  ? kthread+0x11e/0x140
[   21.053176]  rewind_stack_do_exit+0x17/0x20
[   21.053354] note: cryptomgr_test[935] exited with preempt_count 2
...
[  200.214958] WARNING: CPU: 7 PID: 601 at crypto/algapi.c:369 crypto_wait_for_test+0x4c/0x60
[  200.214960] Modules linked in: fuse(E) devlink(E) ebtable_filter(E) ebtables(E) xt_comment(E) xt_physdev(E) br_netfilter(E) nfnetlink_cthelper(E) nfnetlink(E) af_packet(E) bridge(E) stp(E) llc(E) iscsi_ibft(E) iscsi_boot_sysfs(E) msr(E) ip6t_REJECT(E) nf_conntrack_ipv6(E) nf_defrag_ipv6(E) ipt_REJECT(E) xt_pkttype(E) xt_tcpudp(E) iptable_filter(E) bpfilter(E) ip6table_mangle(E) nf_conntrack_netbios_ns(E) nf_conntrack_broadcast(E) nf_conntrack_ipv4(E) nf_defrag_ipv4(E) ip_tables(E) xt_conntrack(E) nf_conntrack(E) libcrc32c(E) ip6table_filter(E) ip6_tables(E) x_tables(E) nls_iso8859_1(E) nls_cp437(E) joydev(E) snd_hda_codec_hdmi(E) snd_hda_codec_realtek(E) snd_hda_codec_generic(E) snd_hda_intel(E) snd_hda_codec(E) snd_hda_core(E) snd_hwdep(E) snd_pcm(E) aegis128_aesni(E+) snd_timer(E) crct10dif_pclmul(E)
[  200.215086]  r8169(E) snd(E) crc32_pclmul(E) mii(E) iTCO_wdt(E) ghash_clmulni_intel(E) iTCO_vendor_support(E) pcbc(E) gpio_ich(E) aesni_intel(E) soundcore(E) aes_x86_64(E) lpc_ich(E) crypto_simd(E) mei_me(E) cryptd(E) mfd_core(E) i2c_i801(E) mei(E) glue_helper(E) pcspkr(E) thermal(E) intel_smartconnect(E) fan(E) nfsd(E) auth_rpcgss(E) nfs_acl(E) lockd(E) grace(E) sunrpc(E) sch_fq_codel(E) sr_mod(E) cdrom(E) hid_logitech_hidpp(E) hid_logitech_dj(E) uas(E) usb_storage(E) hid_generic(E) usbhid(E) nouveau(E) wmi(E) i2c_algo_bit(E) drm_kms_helper(E) syscopyarea(E) xhci_pci(E) sysfillrect(E) sysimgblt(E) fb_sys_fops(E) ahci(E) ttm(E) ehci_pci(E) libahci(E) xhci_hcd(E) ehci_hcd(E) libata(E) drm(E) usbcore(E) video(E) button(E) sd_mod(E) vfat(E) fat(E) virtio_blk(E) virtio_mmio(E) virtio_pci(E) virtio_ring(E)
[  200.215188]  virtio(E) ext4(E) crc32c_intel(E) crc16(E) mbcache(E) jbd2(E) loop(E) sg(E) dm_multipath(E) dm_mod(E) scsi_dh_rdac(E) scsi_dh_emc(E) scsi_dh_alua(E) scsi_mod(E) efivarfs(E)
[  200.215216] CPU: 7 PID: 601 Comm: systemd-udevd Kdump: loaded Tainted: G      D W   E     4.17.0.g075a1d3-tip-default #146
[  200.215222] Hardware name: MEDION MS-7848/MS-7848, BIOS M7848W08.20C 09/23/2013
[  200.215230] RIP: 0010:crypto_wait_for_test+0x4c/0x60
[  200.215234] Code: c0 75 2b 48 8d bb b8 00 00 00 31 f6 e8 2d fe ff ff 48 8d bb a8 01 00 00 e8 61 13 40 00 85 c0 75 09 48 89 df 5b e9 54 e5 ff ff <0f> 0b eb f3 0f 0b eb ef 66 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 
[  200.215303] RSP: 0018:ffff963f826cfc88 EFLAGS: 00010286
[  200.215310] RAX: 00000000fffffe00 RBX: ffff8a3ab18cb400 RCX: 0000000000000002
[  200.215316] RDX: 0000000000000000 RSI: 000000009d980d40 RDI: ffff8a3ab18cb5b0
[  200.215321] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000024f
[  200.215327] R10: 0000000000000355 R11: 00000000003d0900 R12: 0000000000000000
[  200.215333] R13: ffffffffc0988000 R14: 0000000000000002 R15: ffff8a3ab02a7f80
[  200.215340] FS:  00007fe89d980d40(0000) GS:ffff8a3adedc0000(0000) knlGS:0000000000000000
[  200.215346] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  200.215351] CR2: 00007f83fc010e08 CR3: 00000003f1abe006 CR4: 00000000001606e0
[  200.215356] Call Trace:
[  200.215367]  crypto_register_alg+0x52/0x60
[  200.215376]  crypto_register_aeads+0x35/0xa0
[  200.215383]  ? 0xffffffffc0325000
[  200.215391]  do_one_initcall+0x46/0x1e9
[  200.215400]  ? __vunmap+0x76/0xb0
[  200.215408]  do_init_module+0x5b/0x203
[  200.215415]  load_module+0x19d3/0x1f50
[  200.215422]  ? __do_sys_finit_module+0xb7/0xd0
[  200.215427]  __do_sys_finit_module+0xb7/0xd0
[  200.215433]  do_syscall_64+0x60/0x180
[  200.215438]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  200.215442] RIP: 0033:0x7fe89c807139
[  200.215444] Code: 00 f3 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 2f 0d 2c 00 f7 d8 64 89 01 48 
[  200.215528] RSP: 002b:00007fff4d130458 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[  200.215549] RAX: ffffffffffffffda RBX: 000055b492f18880 RCX: 00007fe89c807139
[  200.215551] RDX: 0000000000000000 RSI: 00007fe89d14383d RDI: 0000000000000016
[  200.215554] RBP: 00007fe89d14383d R08: 0000000000000000 R09: 000055b492ecd480
[  200.215581] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000020000
[  200.215583] R13: 000055b492fa55e0 R14: 0000000000000000 R15: 0000000000000000
[  200.215587] ---[ end trace 8cdd2dd0a107e808 ]---
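
A triage helper for the first oops above, added here as an example; it is not part of the original message or of the kernel tree. It takes the `RIP:` and `Code:` lines copied from the log and works out which INT3 trapped and where the padding run begins and ends, assuming the x86 rule that the saved RIP of a breakpoint trap points just past the one-byte INT3 (function names are hypothetical):

```python
import re

# Two lines copied from the oops quoted in the message above.
RIP_LINE = "RIP: 0010:crypto_aegis128_aesni_enc_tail+0x74/0x80 [aegis128_aesni]"
CODE_LINE = (
    "Code: 38 dc ca 66 0f 38 dc d3 66 0f 38 dc de 66 0f ef e5 f3 0f 7f 27 "
    "f3 0f 7f 47 10 f3 0f 7f 4f 20 f3 0f 7f 57 30 f3 0f 7f 5f 40 cc <cc> "
    "cc cc cc cc cc cc cc cc cc cc cc 48 83 fe 10 0f 82 c3 03 00 00"
)
INT3 = 0xCC

def parse_rip(line):
    """Return (symbol, offset, size) from an oops 'RIP:' line."""
    m = re.search(r"RIP:\s+\w+:(\S+)\+0x([0-9a-f]+)/0x([0-9a-f]+)", line)
    if not m:
        raise ValueError("no symbol+offset/size in RIP line")
    return m.group(1), int(m.group(2), 16), int(m.group(3), 16)

def parse_code(line):
    """Return (bytes, index of the <..> byte, which sits at the reported RIP)."""
    tokens = line.split("Code:", 1)[1].split()
    marked = [i for i, t in enumerate(tokens) if t.startswith("<")]
    if len(marked) != 1:
        raise ValueError("expected exactly one <..> marker")
    return bytes(int(t.strip("<>"), 16) for t in tokens), marked[0]

def triage_int3(rip_line, code_line):
    """Locate the INT3 that trapped and the padding run it belongs to."""
    symbol, rip_off, size = parse_rip(rip_line)
    code, at_rip = parse_code(code_line)
    trap = at_rip - 1  # assumption: saved RIP points just past the 1-byte INT3
    if trap < 0 or code[trap] != INT3:
        return None  # byte before RIP is not INT3, so not this failure mode
    start = end = trap
    while start > 0 and code[start - 1] == INT3:
        start -= 1
    while end + 1 < len(code) and code[end + 1] == INT3:
        end += 1
    to_off = lambda i: rip_off + (i - at_rip)  # dump index -> symbol offset
    return {
        "symbol": symbol,
        "trap_offset": to_off(trap),
        "pad_start": to_off(start),
        "pad_end": to_off(end + 1),  # first byte after the INT3 run
        "pad_reaches_symbol_end": to_off(end + 1) == size,
        # First pad byte: reached from the last real instruction, not mid-padding.
        "trapped_on_first_pad_byte": start == trap,
    }
```

For this log the trapping INT3 is at +0x73, the first padding byte, immediately after the bytes `f3 0f 7f 5f 40`, and the padding runs up to +0x80 where the next bytes begin.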



