lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <2D8933AD-A3A8-4965-9061-3929D84AAAA2@amacapital.net>
Date:   Mon, 3 May 2021 16:15:06 -0700
From:   Andy Lutomirski <luto@...capital.net>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Andy Lutomirski <luto@...nel.org>,
        Jens Axboe <axboe@...nel.dk>,
        Stefan Metzmacher <metze@...ba.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        io-uring <io-uring@...r.kernel.org>,
        the arch/x86 maintainers <x86@...nel.org>
Subject: Re: [PATCH] io_thread/x86: don't reset 'cs', 'ss', 'ds' and 'es' registers for io_threads



> On May 3, 2021, at 3:56 PM, Thomas Gleixner <tglx@...utronix.de> wrote:
> 
> On Mon, May 03 2021 at 15:08, Linus Torvalds wrote:
>>> On Mon, May 3, 2021 at 2:49 PM Andy Lutomirski <luto@...nel.org> wrote:
>>> 
>>> To be clear, I'm suggesting that we -EINVAL the PTRACE_GETREGS calls
>>> and such, not the ATTACH.  I have no idea what gdb will do if this
>>> happens, though.
>> 
>> I feel like the likelihood that it will make gdb work any better is
>> basically zero.
>> 
>> I think we should just do Stefan's patch - I assume it generates
>> something like four instructions (two loads, two stores) on x86-64,
>> and it "just works".
>> 
>> Yeah, yeah, it presumably generates 8 instructions on 32-bit x86, and
>> we could fix that by just using the constant __USER_CS/DS instead (no
>> loads necessary) since 32-bit doesn't have any compat issues.
>> 
>> But is it worth complicating the patch for a couple of instructions in
>> a non-critical path?
>> 
>> And I don't see anybody stepping up to say "yes, I will do the patch
>> for gdb", so I really think the least pain is to just take the very
>> straightforward and tested kernel patch.
>> 
>> Yes, yes, that also means admitting to ourselves that the gdb
>> situation isn't likely going to improve, but hey, if nobody in this
>> thread is willing to work on the gdb side to fix the known issues
>> there, isn't that the honest thing to do anyway?
> 
> GDB is one thing. But is this setup actually correct under all
> circumstances?
> 
> It's all fine that we have lots of blurb about GDB, but there is no
> reasoning why this does not affect regular kernel threads which take the
> same code path.
> 
> Neither is there an answer what happens in case of a signal delivered to
> this thread and what any other GDB/ptraced induced poking might cause.
> 
> This is a half setup user space thread which is assumed to behave like a
> regular kernel thread, but is this assumption actually true?
> 
> 

I’m personally concerned about FPU state. No one ever imagined when writing and reviewing the FPU state code that we were going to let ptrace poke the state on a kernel thread.

Now admittedly kernel_execve() magically turns kernel threads into user threads, but, again, I see no evidence that anyone has thought through all the implications of letting ptrace go to town before doing so.

(Is the io_uring thread a kthread style kernel thread?  kthread does horrible, horrible things with the thread stack.)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ