lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87y2spb1nr.fsf@nanos.tec.linutronix.de>
Date:   Wed, 26 Feb 2020 20:15:36 +0100
From:   Thomas Gleixner <tglx@...utronix.de>
To:     Andy Lutomirski <luto@...nel.org>
Cc:     Andy Lutomirski <luto@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>, X86 ML <x86@...nel.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Brian Gerst <brgerst@...il.com>,
        Juergen Gross <jgross@...e.com>,
        Paolo Bonzini <pbonzini@...hat.com>,
        Arnd Bergmann <arnd@...db.de>
Subject: Re: [patch 08/10] x86/entry/32: Remove the 0/-1 distinction from exception entries

Andy Lutomirski <luto@...nel.org> writes:
> On Wed, Feb 26, 2020 at 10:42 AM Thomas Gleixner <tglx@...utronix.de> wrote:
>> The pushed value is used as the error_code argument for the exception
>> handler and I really can't find a single one which cares (anymore).
>>
>> But darn and I overlooked that, it's propagated to do_trap() and
>> friends, but even if this causes a user visible change, I doubt that
>> anything cares about it today simply because for giggles a 64bit kernel
>> unconditionally pushes 0 for all exceptions which do not have a hardware
>> error code on stack. So any 32bit application which excpects a
>> particular error code (0/-1) in the signal would have been broken on the
>> first day it ran on a x64 bit kernel.
>>
>> If someone yells regression, then that's really trivial to fix in
>> C-code.
>
> I *think* this is plumbed much more directly to userspace:
>
> $ cat /proc/$$/syscall
> 61 0xffffffff 0x7ffccf734ed0 0xa 0x0 0x1 0x0 0x7ffccf734eb8 0x7f0667465eda

The task is in syscall 61. And the 0xffffffff is syscall args[0]. So I'm
not sure what you try to demonstrate.

> That entire feature is highly dubious and I suppose we could just
> delete it.  But right now, we at least pretend that we can tell,
> totally asynchronously, whether another task is in a syscall.  Unless
> we do *something*, though, I think you shouldn't make this change.

So if a task actually hits a breakpoint that syscall proc thing reads:

-1 0xffffd0e0 0x565561a6

So even if the entry stub pushs 0, the fixup turns it into -1.

Thanks,

        tglx

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ