| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Dec 2019 18:37:12 +0100
From: Borislav Petkov <bp@...en8.de>
To: Jann Horn <jannh@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>,
"H. Peter Anvin" <hpa@...or.com>, x86@...nel.org,
Andrey Ryabinin <aryabinin@...tuozzo.com>,
Alexander Potapenko <glider@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>, kasan-dev@...glegroups.com,
linux-kernel@...r.kernel.org,
Andrey Konovalov <andreyknvl@...gle.com>,
Andy Lutomirski <luto@...nel.org>,
Sean Christopherson <sean.j.christopherson@...el.com>
Subject: Re: [PATCH v6 4/4] x86/kasan: Print original address on #GP
On Mon, Dec 09, 2019 at 03:31:20PM +0100, Jann Horn wrote:
> arch/x86/kernel/traps.c | 12 ++++++++++-
> arch/x86/mm/kasan_init_64.c | 21 -------------------
> include/linux/kasan.h | 6 ++++++
> mm/kasan/report.c | 40 +++++++++++++++++++++++++++++++++++++
> 4 files changed, 57 insertions(+), 22 deletions(-)
I need a KASAN person ACK here, I'd guess.
> diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
> index c8b4ae6aed5b..7813592b4fb3 100644
> --- a/arch/x86/kernel/traps.c
> +++ b/arch/x86/kernel/traps.c
> @@ -37,6 +37,7 @@
> #include <linux/mm.h>
> #include <linux/smp.h>
> #include <linux/io.h>
> +#include <linux/kasan.h>
> #include <asm/stacktrace.h>
> #include <asm/processor.h>
> #include <asm/debugreg.h>
> @@ -589,6 +590,8 @@ do_general_protection(struct pt_regs *regs, long error_code)
> if (!user_mode(regs)) {
> enum kernel_gp_hint hint = GP_NO_HINT;
> unsigned long gp_addr;
> + unsigned long flags;
> + int sig;
>
> if (fixup_exception(regs, X86_TRAP_GP, error_code, 0))
> return;
> @@ -621,7 +624,14 @@ do_general_protection(struct pt_regs *regs, long error_code)
> "maybe for address",
> gp_addr);
>
> - die(desc, regs, error_code);
> + flags = oops_begin();
> + sig = SIGSEGV;
> + __die_header(desc, regs, error_code);
> + if (hint == GP_NON_CANONICAL)
> + kasan_non_canonical_hook(gp_addr);
> + if (__die_body(desc, regs, error_code))
> + sig = 0;
> + oops_end(flags, regs, sig);
Instead of opencoding it like this, can we add a
die_addr(desc, regs, error_code, gp_addr);
to arch/x86/kernel/dumpstack.c and call it from here:
if (hint != GP_NON_CANONICAL)
gp_addr = 0;
die_addr(desc, regs, error_code, gp_addr);
This way you won't need to pass down to die_addr() the hint too - you
code into gp_addr whether it was non-canonical or not.
The
+ if (addr < KASAN_SHADOW_OFFSET)
+ return;
check in kasan_non_canonical_hook() would then catch it when addr == 0.
Hmmm?
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists