lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20191211173711.GF14821@zn.tnic>
Date:   Wed, 11 Dec 2019 18:37:12 +0100
From:   Borislav Petkov <bp@...en8.de>
To:     Jann Horn <jannh@...gle.com>
Cc:     Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>,
        "H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
        Andrey Ryabinin <aryabinin@...tuozzo.com>,
        Alexander Potapenko <glider@...gle.com>,
        Dmitry Vyukov <dvyukov@...gle.com>, kasan-dev@...glegroups.com,
        linux-kernel@...r.kernel.org,
        Andrey Konovalov <andreyknvl@...gle.com>,
        Andy Lutomirski <luto@...nel.org>,
        Sean Christopherson <sean.j.christopherson@...el.com>
Subject: Re: [PATCH v6 4/4] x86/kasan: Print original address on #GP

On Mon, Dec 09, 2019 at 03:31:20PM +0100, Jann Horn wrote:
>  arch/x86/kernel/traps.c     | 12 ++++++++++-
>  arch/x86/mm/kasan_init_64.c | 21 -------------------
>  include/linux/kasan.h       |  6 ++++++
>  mm/kasan/report.c           | 40 +++++++++++++++++++++++++++++++++++++
>  4 files changed, 57 insertions(+), 22 deletions(-)

I need a KASAN person ACK here, I'd guess.

> diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
> index c8b4ae6aed5b..7813592b4fb3 100644
> --- a/arch/x86/kernel/traps.c
> +++ b/arch/x86/kernel/traps.c
> @@ -37,6 +37,7 @@
>  #include <linux/mm.h>
>  #include <linux/smp.h>
>  #include <linux/io.h>
> +#include <linux/kasan.h>
>  #include <asm/stacktrace.h>
>  #include <asm/processor.h>
>  #include <asm/debugreg.h>
> @@ -589,6 +590,8 @@ do_general_protection(struct pt_regs *regs, long error_code)
>  	if (!user_mode(regs)) {
>  		enum kernel_gp_hint hint = GP_NO_HINT;
>  		unsigned long gp_addr;
> +		unsigned long flags;
> +		int sig;
>  
>  		if (fixup_exception(regs, X86_TRAP_GP, error_code, 0))
>  			return;
> @@ -621,7 +624,14 @@ do_general_protection(struct pt_regs *regs, long error_code)
>  				 "maybe for address",
>  				 gp_addr);
>  
> -		die(desc, regs, error_code);
> +		flags = oops_begin();
> +		sig = SIGSEGV;
> +		__die_header(desc, regs, error_code);
> +		if (hint == GP_NON_CANONICAL)
> +			kasan_non_canonical_hook(gp_addr);
> +		if (__die_body(desc, regs, error_code))
> +			sig = 0;
> +		oops_end(flags, regs, sig);

Instead of opencoding it like this, can we add a

	die_addr(desc, regs, error_code, gp_addr);

to arch/x86/kernel/dumpstack.c and call it from here:

	if (hint != GP_NON_CANONICAL)
		gp_addr = 0;

	die_addr(desc, regs, error_code, gp_addr);

This way you won't need to pass down to die_addr() the hint too - you
code into gp_addr whether it was non-canonical or not.

The

+       if (addr < KASAN_SHADOW_OFFSET)
+               return;

check in kasan_non_canonical_hook() would then catch it when addr == 0.

Hmmm?

-- 
Regards/Gruss,
    Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ