| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190702113355.5be9ebfe@gandalf.local.home>
Date: Tue, 2 Jul 2019 11:33:55 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: Thomas Gleixner <tglx@...utronix.de>
Cc: Peter Zijlstra <peterz@...radead.org>,
Eiichi Tsukata <devel@...ukata.com>, edwintorok@...il.com,
mingo@...hat.com, bp@...en8.de, hpa@...or.com, x86@...nel.org,
linux-kernel@...r.kernel.org, Josh Poimboeuf <jpoimboe@...hat.com>
Subject: Re: [PATCH] x86/stacktrace: Do not access user space memory
unnecessarily
On Tue, 2 Jul 2019 16:14:05 +0200 (CEST)
Thomas Gleixner <tglx@...utronix.de> wrote:
> On Tue, 2 Jul 2019, Peter Zijlstra wrote:
>
> > On Tue, Jul 02, 2019 at 02:31:51PM +0900, Eiichi Tsukata wrote:
> > > Put the boundary check before it accesses user space to prevent unnecessary
> > > access which might crash the machine.
> > >
> > > Especially, ftrace preemptirq/irq_disable event with user stack trace
> > > option can trigger SEGV in pid 1 which leads to panic.
Note, I'm only able to trigger this crash with the irq_disable event.
The irq_enable and preempt_disable/enable events work just fine. This
leads me to believe that the TRACE_IRQS_OFF macro (which uses a thunk
trampoline) may have some issues and is probably the place to look at.
-- Steve
>
> It triggers segfaults in random user processes which is bad enough.
>
> And even with that 'fix' applied I can see random segfaults just less
> frequent.
>
> > > RIP: 0033:0x55be7ad1c89f
> > > Code: Bad RIP value.
> >
> > ^^^ that's weird, no amount of unwinding should affect regs->ip.
>
>
Powered by blists - more mailing lists