lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200928111731.koa7am62uxxaezcz@holly.lan>
Date:   Mon, 28 Sep 2020 12:17:31 +0100
From:   Daniel Thompson <daniel.thompson@...aro.org>
To:     Jason Wessel <jason.wessel@...driver.com>,
        Douglas Anderson <dianders@...omium.org>
Cc:     Peter Zijlstra <peterz@...radead.org>, sumit.garg@...aro.org,
        pmladek@...e.com, sergey.senozhatsky@...il.com, will@...nel.org,
        Masami Hiramatsu <mhiramat@...nel.org>,
        kgdb-bugreport@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
        patches@...aro.org
Subject: Re: [PATCH v3 0/3] kgdb: Honour the kprobe blocklist when setting
 breakpoints

On Sun, Sep 27, 2020 at 10:15:28PM +0100, Daniel Thompson wrote:
> kgdb has traditionally adopted a no safety rails approach to breakpoint
> placement. If the debugger is commanded to place a breakpoint at an
> address then it will do so even if that breakpoint results in kgdb
> becoming inoperable.
> 
> A stop-the-world debugger with memory peek/poke intrinsically provides
> its operator with the means to hose their system in all manner of
> exciting ways (not least because stopping-the-world is already a DoS
> attack ;-) ). Nevertheless the current no safety rail approach is
> difficult to defend, especially given kprobes can provide us with plenty
> of machinery to mark the parts of the kernel where breakpointing is
> discouraged.
> 
> This patchset introduces some safety rails by using the existing kprobes
> infrastructure and ensures this will be enabled by default on
> architectures that implement kprobes. At present it does not cover
> absolutely all locations where breakpoints can cause trouble but it will
> block off several avenues, including the architecture specific parts
> that are handled by arch_within_kprobe_blacklist().
> 
> v4:
> * Fixed KConfig dependencies for HONOUR_KPROBE_BLOCKLIST on kernels
>   where MODULES=n
> * Add additional debug_core.c functions to the blocklist (thanks Doug)
> * Collected a few tags

Looks like I neglected to bump the version number in the subject.
For the avoidance of doubt, this comment is correct and the subject
line is broken.

Sorry!


Daniel.


> 
> v3:
> * Dropped the single step blocklist checks. It is not proven that the
>   code was actually reachable without triggering the catastrophic
>   failure flag (which inhibits resume already).
> * Update patch description for ("kgdb: Add NOKPROBE labels...") and
>   added symbols that are called during trap exit
> * Added a new patch to push the breakpoint activation later in the
>   flow and ensure the I/O functions are not called with breakpoints
>   activated.
> 
> v2:
> * Reworked after initial RFC to make honouring the blocklist require
>   CONFIG_KPROBES. It is now optional but the blocklist will be enabled
>   by default for architectures that CONFIG_HAVE_KPROBES
> 
> Daniel Thompson (3):
>   kgdb: Honour the kprobe blocklist when setting breakpoints
>   kgdb: Add NOKPROBE labels on the trap handler functions
>   kernel: debug: Centralize dbg_[de]activate_sw_breakpoints
> 
>  include/linux/kgdb.h            | 18 ++++++++++++++++++
>  kernel/debug/debug_core.c       | 22 ++++++++++++++++++++++
>  kernel/debug/gdbstub.c          |  1 -
>  kernel/debug/kdb/kdb_bp.c       |  9 +++++++++
>  kernel/debug/kdb/kdb_debugger.c |  2 --
>  lib/Kconfig.kgdb                | 15 +++++++++++++++
>  6 files changed, 64 insertions(+), 3 deletions(-)
> 
> --
> 2.25.4
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ