lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20200311162858.GK3216816@arrakis.emea.arm.com>
Date:   Wed, 11 Mar 2020 16:28:58 +0000
From:   Catalin Marinas <catalin.marinas@....com>
To:     Mark Brown <broonie@...nel.org>
Cc:     Will Deacon <will@...nel.org>,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Paul Elliott <paul.elliott@....com>,
        Peter Zijlstra <peterz@...radead.org>,
        Yu-cheng Yu <yu-cheng.yu@...el.com>,
        Amit Kachhap <amit.kachhap@....com>,
        Vincenzo Frascino <vincenzo.frascino@....com>,
        Marc Zyngier <maz@...nel.org>,
        Eugene Syromiatnikov <esyr@...hat.com>,
        Szabolcs Nagy <szabolcs.nagy@....com>,
        "H . J . Lu " <hjl.tools@...il.com>,
        Andrew Jones <drjones@...hat.com>,
        Kees Cook <keescook@...omium.org>,
        Arnd Bergmann <arnd@...db.de>, Jann Horn <jannh@...gle.com>,
        Richard Henderson <richard.henderson@...aro.org>,
        Kristina Martšenko <kristina.martsenko@....com>,
        Thomas Gleixner <tglx@...utronix.de>,
        Florian Weimer <fweimer@...hat.com>,
        Sudakshina Das <sudi.das@....com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        linux-arch@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH v8 00/11] arm64: Branch Target Identification support

On Tue, Mar 10, 2020 at 12:42:26PM +0000, Mark Brown wrote:
> On Mon, Mar 09, 2020 at 09:05:05PM +0000, Mark Brown wrote:
> > On Fri, Mar 06, 2020 at 10:27:29AM +0000, Catalin Marinas wrote:
> 
> > > Does this series affect uprobes in any way? I.e. can you probe a landing
> > > pad?
> 
> > You can't probe a landing pad, uprobes on landing pads will be silently
> > ignored so the program isn't disrupted, you just don't get the expected
> > trace from those uprobes.  This isn't new with the BTI support since
> > the landing pads are generally pointer auth instructions, these already
> > can't be probed regardless of what's going on with this series.  It's
> > already on the list to get sorted.
> 
> Sorry, I realized thanks to Amit's off-list prompting that I was testing
> that I was verifying with the wrong kernel binary here (user error since
> it took me a while to sort out uprobes) so this isn't quite right - you
> can probe the landing pads with or without this series.

Can we not change aarch64_insn_is_nop() to actually return true only for
NOP and ignore everything else in the hint space? We tend to re-use the
hint instructions for new things in the architecture, so I'd rather
white-list what we know we can safely probe than black-listing only some
of the hint instructions.

I haven't assessed the effort of doing the above (probably not a lot)
but as a short-term workaround we could add the BTI and PAC hint
instructions to the aarch64_insn_is_nop() (though my preferred option is
the white-list one).

-- 
Catalin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ