Date:   Wed, 24 Apr 2019 17:40:33 +0100
From:   Mark Rutland <mark.rutland@....com>
To:     Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
Cc:     Peter Zijlstra <peterz@...radead.org>,
        "Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
        Boqun Feng <boqun.feng@...il.com>,
        linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
        Thomas Gleixner <tglx@...utronix.de>,
        Andy Lutomirski <luto@...capital.net>,
        Dave Watson <davejwatson@...com>, Paul Turner <pjt@...gle.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Russell King <linux@....linux.org.uk>,
        Ingo Molnar <mingo@...hat.com>,
        "H . Peter Anvin" <hpa@...or.com>,
        Andi Kleen <andi@...stfloor.org>, Chris Lameter <cl@...ux.com>,
        Ben Maurer <bmaurer@...com>,
        Steven Rostedt <rostedt@...dmis.org>,
        Josh Triplett <josh@...htriplett.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Catalin Marinas <catalin.marinas@....com>,
        Will Deacon <will.deacon@....com>,
        Michael Kerrisk <mtk.manpages@...il.com>,
        Joel Fernandes <joelaf@...gle.com>,
        Shuah Khan <shuah@...nel.org>, linux-kselftest@...r.kernel.org
Subject: Re: [RFC PATCH for 5.2 08/10] rseq/selftests: aarch64 code
 signature: handle big-endian environment

On Wed, Apr 24, 2019 at 11:25:00AM -0400, Mathieu Desnoyers wrote:
> Handle compiling with -mbig-endian on aarch64, which generates binaries
> with mixed code vs data endianness (little endian code, big endian
> data).
> 
> Else mismatch between code endianness for the generated signatures and
> data endianness for the RSEQ_SIG parameter passed to the rseq
> registration will trigger application segmentation faults when the
> kernel tries to abort rseq critical sections.
> 
> Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
> CC: Peter Zijlstra <peterz@...radead.org>
> CC: Thomas Gleixner <tglx@...utronix.de>
> CC: Joel Fernandes <joelaf@...gle.com>
> CC: Catalin Marinas <catalin.marinas@....com>
> CC: Dave Watson <davejwatson@...com>
> CC: Will Deacon <will.deacon@....com>
> CC: Shuah Khan <shuah@...nel.org>
> CC: Andi Kleen <andi@...stfloor.org>
> CC: linux-kselftest@...r.kernel.org
> CC: "H . Peter Anvin" <hpa@...or.com>
> CC: Chris Lameter <cl@...ux.com>
> CC: Russell King <linux@....linux.org.uk>
> CC: Michael Kerrisk <mtk.manpages@...il.com>
> CC: "Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>
> CC: Paul Turner <pjt@...gle.com>
> CC: Boqun Feng <boqun.feng@...il.com>
> CC: Josh Triplett <josh@...htriplett.org>
> CC: Steven Rostedt <rostedt@...dmis.org>
> CC: Ben Maurer <bmaurer@...com>
> CC: linux-api@...r.kernel.org
> CC: Andy Lutomirski <luto@...capital.net>
> CC: Andrew Morton <akpm@...ux-foundation.org>
> CC: Linus Torvalds <torvalds@...ux-foundation.org>
> ---
>  tools/testing/selftests/rseq/rseq-arm64.h | 17 +++++++++++++++--
>  1 file changed, 15 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/testing/selftests/rseq/rseq-arm64.h b/tools/testing/selftests/rseq/rseq-arm64.h
> index b41a2a48e965..200dae9e4208 100644
> --- a/tools/testing/selftests/rseq/rseq-arm64.h
> +++ b/tools/testing/selftests/rseq/rseq-arm64.h
> @@ -6,7 +6,20 @@
>   * (C) Copyright 2018 - Will Deacon <will.deacon@....com>
>   */
>  
> -#define RSEQ_SIG	0xd428bc00	/* BRK #0x45E0 */
> +/*
> + * aarch64 -mbig-endian generates mixed endianness code vs data:
> + * little-endian code and big-endian data. Ensure the RSEQ_SIG signature
> + * matches code endianness.
> + */
> +#define RSEQ_SIG_CODE	0xd428bc00	/* BRK #0x45E0.  */
> +
> +#ifdef __AARCH64EB__
> +#define RSEQ_SIG_DATA	0x00bc28d4	/* BRK #0x45E0.  */
> +#else
> +#define RSEQ_SIG_DATA	RSEQ_SIG_CODE
> +#endif
> +
> +#define RSEQ_SIG	RSEQ_SIG_DATA
>  
>  #define rseq_smp_mb()	__asm__ __volatile__ ("dmb ish" ::: "memory")
>  #define rseq_smp_rmb()	__asm__ __volatile__ ("dmb ishld" ::: "memory")
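Review bot: On the `#define RSEQ_SIG_DATA	0x00bc28d4` line under `#ifdef __AARCH64EB__`, the byte-swapped constant is written by hand and carries the same `/* BRK #0x45E0.  */` comment as RSEQ_SIG_CODE, so nothing ties the two literals together if the signature ever changes. Suggest commenting it as the byte-swapped form of RSEQ_SIG_CODE (the value a big-endian data load sees for the little-endian instruction word), or deriving it from RSEQ_SIG_CODE. The block comment could also state that RSEQ_SIG is the value passed to rseq registration while RSEQ_SIG_CODE is the one meant for the instruction stream.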
> @@ -121,7 +134,7 @@ do {										\
>  
>  #define RSEQ_ASM_DEFINE_ABORT(label, abort_label)				\
>  	"	b	222f\n"							\
> -	"	.inst 	"	__rseq_str(RSEQ_SIG) "\n"			\
> +	"	.inst 	"	__rseq_str(RSEQ_SIG_CODE) "\n"			\
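Review bot: The `.inst` line in RSEQ_ASM_DEFINE_ABORT relies on the assembler emitting the `.inst` operand in instruction byte order even with -mbig-endian, and nothing in the hunk documents that assumption. A one-line comment next to `__rseq_str(RSEQ_SIG_CODE)` saying so would make the CODE/DATA split readable at the point of use. The operand is still the same 0xd428bc00 that the old RSEQ_SIG expanded to, so the emitted word is unchanged; only the macro name differs here.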

I don't think this is right; the .inst directive _should_ emit the value
in the instruction stream endianness (i.e. LE, regardless of the data
endianness).

That's certainly the case with the kernel.org crosstool GCC:

[mark@...rids:/mnt/data/tests/inst-test]% cat test.c                               
void func(void)
{
        asm volatile(".inst 0xd4000001");
}
[mark@...rids:/mnt/data/tests/inst-test]% usekorg 8.1.0 aarch64-linux-gcc -c test.c
[mark@...rids:/mnt/data/tests/inst-test]% usekorg 8.1.0 aarch64-linux-objdump -d test.o

test.o:     file format elf64-littleaarch64


Disassembly of section .text:

0000000000000000 <func>:
   0:   d4000001        svc     #0x0
   4:   d503201f        nop
   8:   d65f03c0        ret
[mark@...rids:/mnt/data/tests/inst-test]% usekorg 8.1.0 aarch64-linux-gcc -mbig-endian -c test.c
[mark@...rids:/mnt/data/tests/inst-test]% usekorg 8.1.0 aarch64-linux-objdump -d test.o         

test.o:     file format elf64-bigaarch64


Disassembly of section .text:

0000000000000000 <func>:
   0:   d4000001        svc     #0x0
   4:   d503201f        nop
   8:   d65f03c0        ret



Have you tested this? Is there some toolchain that doesn't get this
right?

Thanks,
Mark.
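
Added example, not part of the original message or of the kernel tree: a small C model of the mismatch the patch description talks about, using the two constants from the quoted hunk. The helper names and the simplified check (a 32-bit data load of the signature word compared against the registered value) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define RSEQ_SIG_CODE    0xd428bc00u /* BRK #0x45E0, value from the patch */
#define RSEQ_SIG_DATA_BE 0x00bc28d4u /* big-endian data value from the patch */

/* A64 instruction words are stored little-endian regardless of data
 * endianness; this mimics what .inst places in the text section. */
static void emit_inst(uint8_t out[4], uint32_t insn)
{
    out[0] = (uint8_t)(insn & 0xff);
    out[1] = (uint8_t)((insn >> 8) & 0xff);
    out[2] = (uint8_t)((insn >> 16) & 0xff);
    out[3] = (uint8_t)((insn >> 24) & 0xff);
}

/* 32-bit data load as seen with little- or big-endian data accesses. */
static uint32_t load_u32(const uint8_t *p, int big_endian_data)
{
    if (big_endian_data)
        return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
               ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    return ((uint32_t)p[3] << 24) | ((uint32_t)p[2] << 16) |
           ((uint32_t)p[1] << 8) | (uint32_t)p[0];
}

/* Hypothetical model of the abort-time check: the signature word in the
 * instruction stream is read as data and compared with the value that was
 * passed at registration. Returns 1 on match, 0 on mismatch. */
static int sig_matches(uint32_t registered_sig, int big_endian_data)
{
    uint8_t text[4];

    emit_inst(text, RSEQ_SIG_CODE);
    return load_u32(text, big_endian_data) == registered_sig;
}

int main(void)
{
    printf("LE data, registered 0x%08x: %d\n", RSEQ_SIG_CODE,
           sig_matches(RSEQ_SIG_CODE, 0));
    printf("BE data, registered 0x%08x: %d\n", RSEQ_SIG_CODE,
           sig_matches(RSEQ_SIG_CODE, 1));
    printf("BE data, registered 0x%08x: %d\n", RSEQ_SIG_DATA_BE,
           sig_matches(RSEQ_SIG_DATA_BE, 1));
    return 0;
}
```

Only the middle case fails: with big-endian data loads the little-endian instruction word reads back as 0x00bc28d4, so registering 0xd428bc00 no longer matches.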
