Message-ID: <20200928111731.koa7am62uxxaezcz@holly.lan>
Date: Mon, 28 Sep 2020 12:17:31 +0100
From: Daniel Thompson <daniel.thompson@...aro.org>
To: Jason Wessel <jason.wessel@...driver.com>,
Douglas Anderson <dianders@...omium.org>
Cc: Peter Zijlstra <peterz@...radead.org>, sumit.garg@...aro.org,
pmladek@...e.com, sergey.senozhatsky@...il.com, will@...nel.org,
Masami Hiramatsu <mhiramat@...nel.org>,
kgdb-bugreport@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
patches@...aro.org
Subject: Re: [PATCH v3 0/3] kgdb: Honour the kprobe blocklist when setting breakpoints

On Sun, Sep 27, 2020 at 10:15:28PM +0100, Daniel Thompson wrote:
> kgdb has traditionally adopted a no safety rails approach to breakpoint
> placement. If the debugger is commanded to place a breakpoint at an
> address then it will do so even if that breakpoint results in kgdb
> becoming inoperable.
>
> A stop-the-world debugger with memory peek/poke intrinsically provides
> its operator with the means to hose their system in all manner of
> exciting ways (not least because stopping-the-world is already a DoS
> attack ;-) ). Nevertheless the current no safety rail approach is
> difficult to defend, especially given kprobes can provide us with plenty
> of machinery to mark the parts of the kernel where breakpointing is
> discouraged.
>
> This patchset introduces some safety rails by using the existing kprobes
> infrastructure and ensures this will be enabled by default on
> architectures that implement kprobes. At present it does not cover
> absolutely all locations where breakpoints can cause trouble but it will
> block off several avenues, including the architecture specific parts
> that are handled by arch_within_kprobe_blacklist().
>
> v4:
> * Fixed KConfig dependencies for HONOUR_KPROBE_BLOCKLIST on kernels
> where MODULES=n
> * Add additional debug_core.c functions to the blocklist (thanks Doug)
> * Collected a few tags

Looks like I neglected to bump the version number in the subject.
For the avoidance of doubt, this comment is correct and the subject
line is broken.

Sorry!

Daniel.

>
> v3:
> * Dropped the single step blocklist checks. It is not proven that the
> code was actually reachable without triggering the catastrophic
> failure flag (which inhibits resume already).
> * Update patch description for ("kgdb: Add NOKPROBE labels...") and
> added symbols that are called during trap exit
> * Added a new patch to push the breakpoint activation later in the
> flow and ensure the I/O functions are not called with breakpoints
> activated.
>
> v2:
> * Reworked after initial RFC to make honouring the blocklist require
> CONFIG_KPROBES. It is now optional but the blocklist will be enabled
> by default for architectures that CONFIG_HAVE_KPROBES
>
> Daniel Thompson (3):
> kgdb: Honour the kprobe blocklist when setting breakpoints
> kgdb: Add NOKPROBE labels on the trap handler functions
> kernel: debug: Centralize dbg_[de]activate_sw_breakpoints
>
> include/linux/kgdb.h | 18 ++++++++++++++++++
> kernel/debug/debug_core.c | 22 ++++++++++++++++++++++
> kernel/debug/gdbstub.c | 1 -
> kernel/debug/kdb/kdb_bp.c | 9 +++++++++
> kernel/debug/kdb/kdb_debugger.c | 2 --
> lib/Kconfig.kgdb | 15 +++++++++++++++
> 6 files changed, 64 insertions(+), 3 deletions(-)
>
> --
> 2.25.4
>