| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <tip-88259744e253777e898c186f08670c86dd8199bf@git.kernel.org>
Date: Tue, 9 Oct 2018 08:04:15 -0700
From: tip-bot for Dave Hansen <tipbot@...or.com>
To: linux-tip-commits@...r.kernel.org
Cc: luto@...nel.org, sean.j.christopherson@...el.com,
dave.hansen@...ux.intel.com, mingo@...nel.org, hpa@...or.com,
linux-kernel@...r.kernel.org, jannh@...gle.com,
peterz@...radead.org, tglx@...utronix.de
Subject: [tip:x86/mm] x86/mm: Fix exception table comments
Commit-ID: 88259744e253777e898c186f08670c86dd8199bf
Gitweb: https://git.kernel.org/tip/88259744e253777e898c186f08670c86dd8199bf
Author: Dave Hansen <dave.hansen@...ux.intel.com>
AuthorDate: Fri, 28 Sep 2018 09:02:27 -0700
Committer: Peter Zijlstra <peterz@...radead.org>
CommitDate: Tue, 9 Oct 2018 16:51:16 +0200
x86/mm: Fix exception table comments
The comments here are wrong. They are too absolute about where
faults can occur when running in the kernel. The comments are
also a bit hard to match up with the code.
Trim down the comments, and make them more precise.
Also add a comment explaining why we are doing the
bad_area_nosemaphore() path here.
Cc: x86@...nel.org
Cc: Jann Horn <jannh@...gle.com>
Cc: Sean Christopherson <sean.j.christopherson@...el.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Andy Lutomirski <luto@...nel.org>
Signed-off-by: Dave Hansen <dave.hansen@...ux.intel.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
Link: http://lkml.kernel.org/r/20180928160227.077DDD7A@viggo.jf.intel.com
---
arch/x86/mm/fault.c | 28 +++++++++++++++-------------
1 file changed, 15 insertions(+), 13 deletions(-)
diff --git a/arch/x86/mm/fault.c b/arch/x86/mm/fault.c
index 1d838701a5f7..57b074b02ebb 100644
--- a/arch/x86/mm/fault.c
+++ b/arch/x86/mm/fault.c
@@ -1351,24 +1351,26 @@ void do_user_addr_fault(struct pt_regs *regs,
flags |= FAULT_FLAG_INSTRUCTION;
/*
- * When running in the kernel we expect faults to occur only to
- * addresses in user space. All other faults represent errors in
- * the kernel and should generate an OOPS. Unfortunately, in the
- * case of an erroneous fault occurring in a code path which already
- * holds mmap_sem we will deadlock attempting to validate the fault
- * against the address space. Luckily the kernel only validly
- * references user space from well defined areas of code, which are
- * listed in the exceptions table.
+ * Kernel-mode access to the user address space should only occur
+ * on well-defined single instructions listed in the exception
+ * tables. But, an erroneous kernel fault occurring outside one of
+ * those areas which also holds mmap_sem might deadlock attempting
+ * to validate the fault against the address space.
*
- * As the vast majority of faults will be valid we will only perform
- * the source reference check when there is a possibility of a
- * deadlock. Attempt to lock the address space, if we cannot we then
- * validate the source. If this is invalid we can skip the address
- * space check, thus avoiding the deadlock:
+ * Only do the expensive exception table search when we might be at
+ * risk of a deadlock. This happens if we
+ * 1. Failed to acquire mmap_sem, and
+ * 2. The access did not originate in userspace. Note: either the
+ * hardware or earlier page fault code may set X86_PF_USER
+ * in sw_error_code.
*/
if (unlikely(!down_read_trylock(&mm->mmap_sem))) {
if (!(sw_error_code & X86_PF_USER) &&
!search_exception_tables(regs->ip)) {
+ /*
+ * Fault from code in kernel from
+ * which we do not expect faults.
+ */
bad_area_nosemaphore(regs, sw_error_code, address, NULL);
return;
}
Powered by blists - more mailing lists