lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20200421071043.GA14844@willie-the-truck>
Date:   Tue, 21 Apr 2020 08:10:45 +0100
From:   Will Deacon <will@...nel.org>
To:     tingwei@...eaurora.org
Cc:     Mark Rutland <mark.rutland@....com>,
        Catalin Marinas <catalin.marinas@....com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] arm64: hw_breakpoint: don't clear debug registers in
 halt mode

On Tue, Apr 21, 2020 at 11:49:11AM +0800, tingwei@...eaurora.org wrote:
> 在 2020-03-31 19:45,Will Deacon 写道:
> > On Tue, Mar 31, 2020 at 07:33:38PM +0800, tingwei@...eaurora.org wrote:
> > > 在 2020-03-31 15:41,Will Deacon 写道:
> > > > On Tue, Mar 31, 2020 at 10:39:42AM +0800, tingwei@...eaurora.org wrote:
> > > > > For reset the registers after "debug_enabled" is toggled, I'm
> > > > > thinking if
> > > > > we are adding unnecessary complexity here.If we take that approach, we
> > > > > will
> > > > > hook "debug_enabled" interface and use smp_call_function_single() to
> > > > > call
> > > > > hw_breakpoint_reset() on each CPU. Wait for all CPUs' execution done
> > > > > and
> > > > > change "debug_enabled". External debugger would clear the
> > > > > breakpoints when
> > > > > it detaches the device and restores its breakpoints when attaches the
> > > > > device.
> > > > > Assume debug_enabled is changed to one after external debugger
> > > > > detaches
> > > > > the
> > > > > device. Debugger would already clear the breakpoint registers. If
> > > > > debgger
> > > > > is
> > > > > still attached, there's nothing Kernel can do to stop it
> > > > > restores/programs
> > > > > the breakpoint registers.
> > > > >
> > > > > What do you think of this?
> > > >
> > > > It's all a bit of a mess. Looking at it some more, why can't the
> > > > external
> > > > debugger simply trap access to the debug registers using EDSCR.TDA? That
> > > > way, we don't have to change anything in the kernel.
> > > >
> > > 
> > > External debugger has the function to trap access to debug registers
> > > now.
> > > What do we expect debugger to do after core is stopped? Skip that msr
> > > instruction and continue to run?
> > 
> > The nicest thing to do would probably be to record all the accesses made
> > by the OS so that it can emulate reads and replay writes when external
> > debugging is over. Given that you'd still be expecting to pass
> > "nodebugmon",
> > the emulation should be pretty straightforward, I think.
> > 
> 
> To provide an update on this, I've worked with external debugger vendor on
> this.
> Now external debugger can trap the write to debug registers and ignore the
> write.
> This is the first step.

Thanks for the update! Please let us know if you run into any unforeseen
problems.

Will

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ