| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 04 Sep 2019 20:12:34 +0530
From: "Naveen N. Rao" <naveen.n.rao@...ux.vnet.ibm.com>
To: mikey@...ling.org, mpe@...erman.id.au,
Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
Cc: benh@...nel.crashing.org, christophe.leroy@....fr,
linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
npiggin@...il.com, paulus@...ba.org
Subject: Re: [PATCH v3 2/3] Powerpc64/Watchpoint: Don't ignore extraneous
exceptions
Ravi Bangoria wrote:
> On Powerpc64, watchpoint match range is double-word granular. On
> a watchpoint hit, DAR is set to the first byte of overlap between
> actual access and watched range. And thus it's quite possible that
> DAR does not point inside user specified range. Ex, say user creates
> a watchpoint with address range 0x1004 to 0x1007. So hw would be
> configured to watch from 0x1000 to 0x1007. If there is a 4 byte
> access from 0x1002 to 0x1005, DAR will point to 0x1002 and thus
> interrupt handler considers it as extraneous, but it's actually not,
> because part of the access belongs to what user has asked. So, let
> kernel pass it on to user and let user decide what to do with it
> instead of silently ignoring it. The drawback is, it can generate
> false positive events.
I think you should do the additional validation here, instead of
generating false positives. You should be able to read the instruction,
run it through analyse_instr(), and then use OP_IS_LOAD_STORE() and
GETSIZE() to understand the access range. This can be used to then
perform a better match against what the user asked for.
- Naveen
Powered by blists - more mailing lists