| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210407211816.GP25319@zn.tnic>
Date: Wed, 7 Apr 2021 23:18:16 +0200
From: Borislav Petkov <bp@...en8.de>
To: Tony Luck <tony.luck@...el.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, linux-mm@...ck.org,
Andy Lutomirski <luto@...nel.org>,
Aili Yao <yaoaili@...gsoft.com>,
HORIGUCHI NAOYA( 堀口 直也)
<naoya.horiguchi@....com>
Subject: Re: [PATCH 3/4] mce/copyin: fix to not SIGBUS when copying from user
hits poison
On Thu, Mar 25, 2021 at 05:02:34PM -0700, Tony Luck wrote:
> Andy Lutomirski pointed out that sending SIGBUS to tasks that
> hit poison in the kernel copying syscall parameters from user
> address space is not the right semantic.
What does that mean exactly?
>From looking at the code, that is this conditional:
if (t == EX_HANDLER_UACCESS && regs && is_copy_from_user(regs)) {
m->kflags |= MCE_IN_KERNEL_RECOV;
m->kflags |= MCE_IN_KERNEL_COPYIN;
so what does the above have to do with syscall params?
If it is about us being in ring 0 and touching user memory and eating
poison in same *user* memory while doing so, then sure, that makes
sense.
> So stop doing that. Add a new kill_me_never() call back that
> simply unmaps and offlines the poison page.
Right, that's the same as handling poisoned user memory.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette
Powered by blists - more mailing lists