Date: Tue, 9 Oct 2018 08:04:15 -0700
From: tip-bot for Dave Hansen <tipbot@...or.com>
To: linux-tip-commits@...r.kernel.org
Cc: luto@...nel.org, sean.j.christopherson@...el.com, dave.hansen@...ux.intel.com, mingo@...nel.org, hpa@...or.com, linux-kernel@...r.kernel.org, jannh@...gle.com, peterz@...radead.org, tglx@...utronix.de
Subject: [tip:x86/mm] x86/mm: Fix exception table comments

Commit-ID: 88259744e253777e898c186f08670c86dd8199bf
Gitweb: https://git.kernel.org/tip/88259744e253777e898c186f08670c86dd8199bf
Author: Dave Hansen <dave.hansen@...ux.intel.com>
AuthorDate: Fri, 28 Sep 2018 09:02:27 -0700
Committer: Peter Zijlstra <peterz@...radead.org>
CommitDate: Tue, 9 Oct 2018 16:51:16 +0200

x86/mm: Fix exception table comments

The comments here are wrong. They are too absolute about where faults can occur when running in the kernel. The comments are also a bit hard to match up with the code.

Trim down the comments, and make them more precise.

Also add a comment explaining why we are doing the bad_area_nosemaphore() path here.

Cc: x86@...nel.org
Cc: Jann Horn <jannh@...gle.com>
Cc: Sean Christopherson <sean.j.christopherson@...el.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Andy Lutomirski <luto@...nel.org>
Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
Link: http://lkml.kernel.org/r/20180928160227.077DDD7A@viggo.jf.intel.com
--- arch/x86/mm/fault.c | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c index 1d838701a5f7..57b074b02ebb 100644 --- a/arch/x86/mm/fault.c +++ b/arch/x86/mm/fault.c 
@@ -1351,24 +1351,26 @@ void do_user_addr_fault(struct pt_regs *regs, flags |= FAULT_FLAG_INSTRUCTION; /* - * When running in the kernel we expect faults to occur only to - * addresses in user space. All other faults represent errors in - * the kernel and should generate an OOPS. Unfortunately, in the - * case of an erroneous fault occurring in a code path which already - * holds mmap_sem we will deadlock attempting to validate the fault - * against the address space. Luckily the kernel only validly - * references user space from well defined areas of code, which are - * listed in the exceptions table. + * Kernel-mode access to the user address space should only occur + * on well-defined single instructions listed in the exception + * tables. But, an erroneous kernel fault occurring outside one of + * those areas which also holds mmap_sem might deadlock attempting + * to validate the fault against the address space. * - * As the vast majority of faults will be valid we will only perform - * the source reference check when there is a possibility of a - * deadlock. Attempt to lock the address space, if we cannot we then - * validate the source. If this is invalid we can skip the address - * space check, thus avoiding the deadlock: + * Only do the expensive exception table search when we might be at + * risk of a deadlock. This happens if we + * 1. Failed to acquire mmap_sem, and + * 2. The access did not originate in userspace. Note: either the + * hardware or earlier page fault code may set X86_PF_USER + * in sw_error_code. */ if (unlikely(!down_read_trylock(&mm->mmap_sem))) { if (!(sw_error_code & X86_PF_USER) && !search_exception_tables(regs->ip)) { + /* + * Fault from code in kernel from + * which we do not expect faults. + */ bad_area_nosemaphore(regs, sw_error_code, address, NULL); return; }
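Review bot: The new inner comment above the bad_area_nosemaphore() call says what kind of fault this is ("Fault from code in kernel from which we do not expect faults") but not why the nosemaphore variant is the one called, which is what the commit message says the comment explains. The reason is visible two lines up: down_read_trylock(&mm->mmap_sem) has just failed, so mmap_sem is not held on this path; saying so in the comment would spare the reader the inference. In the block comment, the list introduced by "This happens if we" does not parse with item 2 ("The access did not originate in userspace"); a lead-in such as "This happens if:" with item 1 reworded to "We failed to acquire mmap_sem" would read cleanly. The phrase "an erroneous kernel fault ... which also holds mmap_sem" attaches the lock to the fault rather than to the faulting code path, and the note that "earlier page fault code may set X86_PF_USER in sw_error_code" would be more useful if it named where or why that happens.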